|
4F10000
|
direct allocation
|
page read and write
|
 |
|
|
| Name: |
00000001.00000003.1223636159.0000000004F10000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4F10000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Found malware configuration |
AV Detection |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
| Sample uses string decryption to hide its real strings |
AV Detection |
|
|
|
C1000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.1346772088.00000000000C1000.00000040.00000001.01000000.00000009.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
C1000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
|
|
4EF0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1300118568.0000000004EF0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4EF0000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
|
|
4B20000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000003.1306345455.0000000004B20000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4B20000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
|
|
C1000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1341558629.00000000000C1000.00000040.00000001.01000000.00000009.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
C1000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
|
|
5250000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1817827669.0000000005250000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
5250000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
|
|
C1000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2460152541.00000000000C1000.00000040.00000001.01000000.00000009.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
C1000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
|
|
6F1000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1310394274.00000000006F1000.00000040.00000001.01000000.00000006.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
6F1000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
|
|
4CBE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2464429091.0000000004CBE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4CBE000
|
| Size: |
8192
|
|
|
1160000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1294582687.0000000001160000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1160000
|
| Size: |
53248
|
|
|
1311000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1271848501.0000000001311000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1311000
|
| Size: |
36864
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1810967743.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
4B85000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000003.1306345455.0000000004B85000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4B85000
|
| Size: |
12288
|
|
|
3ED000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000007.00000000.1291430354.00000000003ED000.00000080.00000001.01000000.00000009.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
3ED000
|
| Size: |
1769472
|
|
|
C59000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1347558762.0000000000C59000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
C59000
|
| Size: |
73728
|
|
|
4691000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000003.1304187513.0000000004691000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4691000
|
| Size: |
241664
|
|
|
1220000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1223071826.0000000001220000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1220000
|
| Size: |
53248
|
|
|
4680000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000003.1298908182.0000000004680000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4680000
|
| Size: |
53248
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1270367041.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
63C5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1276688488.00000000063C5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
63C5000
|
| Size: |
8192
|
|
|
5050000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000003.1224715903.0000000005050000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5050000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1266069395.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
3F3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1348737872.0000000003F3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3F3E000
|
| Size: |
8192
|
|
|
F5A000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1311363455.0000000000F5A000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
F5A000
|
| Size: |
24576
|
|
|
3ED000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000005.00000000.1280189467.00000000003ED000.00000080.00000001.01000000.00000009.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
3ED000
|
| Size: |
1769472
|
|
|
4F75000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1223636159.0000000004F75000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4F75000
|
| Size: |
12288
|
|
|
2F4F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1345261040.0000000002F4F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2F4F000
|
| Size: |
4096
|
|
|
31CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1312203845.00000000031CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
31CE000
|
| Size: |
8192
|
|
|
41CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1317381325.00000000041CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
41CF000
|
| Size: |
4096
|
|
|
4DC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1837838105.0000000004DC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DC1000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1265896105.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
4690000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1349163157.0000000004690000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4690000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1270414100.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
37CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1345645564.00000000037CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
37CE000
|
| Size: |
8192
|
|
|
48FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2464174077.00000000048FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
48FE000
|
| Size: |
8192
|
|
|
4DC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1838112576.0000000004DC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DC1000
|
| Size: |
4096
|
|
|
4B3F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2464301615.0000000004B3F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4B3F000
|
| Size: |
4096
|
|
|
368E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1345604203.000000000368E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
368E000
|
| Size: |
8192
|
|
|
138E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1345006176.000000000138E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
138E000
|
| Size: |
8192
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1836295639.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
2FA0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1813297176.0000000002FA0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2FA0000
|
| Size: |
53248
|
|
|
680F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1318188163.000000000680F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
680F000
|
| Size: |
4096
|
|
|
5050000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000003.1300714521.0000000005050000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5050000
|
| Size: |
4096
|
|
|
418F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1346158561.000000000418F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
418F000
|
| Size: |
4096
|
|
|
585E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2465484783.000000000585E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
585E000
|
| Size: |
8192
|
|
|
2D40000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1345203220.0000000002D40000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2D40000
|
| Size: |
16384
|
|
|
11F0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1219989685.00000000011F0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
11F0000
|
| Size: |
53248
|
|
|
5AC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2465721749.0000000005AC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5AC0000
|
| Size: |
4096
|
|
|
340E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1345494844.000000000340E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
340E000
|
| Size: |
8192
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1810892675.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
75D000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000001.00000002.1310457362.000000000075D000.00000008.00000001.01000000.00000006.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
75D000
|
| Size: |
4096
|
|
|
3DBE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2463385531.0000000003DBE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3DBE000
|
| Size: |
8192
|
|
|
5400000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2464799419.0000000005400000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5400000
|
| Size: |
4096
|
|
|
5110000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1318002953.0000000005110000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5110000
|
| Size: |
4096
|
|
|
5490000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2465167376.0000000005490000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5490000
|
| Size: |
4096
|
|
|
12FD000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2461893303.00000000012FD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
12FD000
|
| Size: |
12288
|
|
|
3DD000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.1346903085.00000000003DD000.00000040.00000001.01000000.00000009.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
3DD000
|
| Size: |
45056
|
|
|
444F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1317511113.000000000444F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
444F000
|
| Size: |
4096
|
|
|
670E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1318167906.000000000670E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
670E000
|
| Size: |
8192
|
|
|
89C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1347441046.000000000089C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
89C000
|
| Size: |
16384
|
|
|
12D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1277597724.00000000012D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12D0000
|
| Size: |
12288
|
|
|
4A90000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1317793512.0000000004A90000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A90000
|
| Size: |
36864
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1820862800.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
11F0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1222054300.00000000011F0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
11F0000
|
| Size: |
53248
|
|
|
3C6F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1348604030.0000000003C6F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3C6F000
|
| Size: |
4096
|
|
|
11F0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1219495107.00000000011F0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
11F0000
|
| Size: |
53248
|
|
|
4ED0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1219579104.0000000004ED0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4ED0000
|
| Size: |
176128
|
|
|
1170000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1344939124.0000000001170000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1170000
|
| Size: |
16384
|
|
|
4C70000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000003.1307211719.0000000004C70000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C70000
|
| Size: |
4096
|
|
|
1410000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2462059724.0000000001410000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1410000
|
| Size: |
36864
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1265828937.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
434E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1317483163.000000000434E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
434E000
|
| Size: |
8192
|
|
|
599000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.1347394914.0000000000599000.00000040.00000001.01000000.00000009.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
599000
|
| Size: |
8192
|
|
|
53D0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000003.1818360802.00000000053D0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53D0000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1836397178.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
4DC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1837811264.0000000004DC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DC1000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1270207904.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
11F0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1217884470.00000000011F0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
11F0000
|
| Size: |
53248
|
|
|
32CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1345414946.00000000032CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
32CE000
|
| Size: |
8192
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1272208829.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1810943945.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1228646915.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
12D000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000005.00000002.1342269405.000000000012D000.00000008.00000001.01000000.00000009.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
12D000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1810865717.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
123A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1311738630.000000000123A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
123A000
|
| Size: |
8192
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1837030270.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
50C0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1317917333.00000000050C0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
50C0000
|
| Size: |
4096
|
|
|
12EE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1311976971.00000000012EE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12EE000
|
| Size: |
73728
|
|
|
2C2000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2460448321.00000000002C2000.00000040.00000001.01000000.00000009.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
2C2000
|
| Size: |
929792
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the Windows Explorer process (often used for injection) |
HIPS / PFW / Operating System Protection Evasion |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1228946652.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
3ED000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
0000000B.00000000.1806131035.00000000003ED000.00000080.00000001.01000000.00000009.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
3ED000
|
| Size: |
1769472
|
|
|
328F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1345391204.000000000328F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
328F000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1820953590.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
4DC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1837742871.0000000004DC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DC1000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1229886146.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
2CCE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1312053629.0000000002CCE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2CCE000
|
| Size: |
8192
|
|
|
5070000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000003.1300542632.0000000005070000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5070000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1836419973.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
2FA0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1813639804.0000000002FA0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2FA0000
|
| Size: |
53248
|
|
|
12E6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1271454190.00000000012E6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E6000
|
| Size: |
77824
|
|
|
3AFF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2463186828.0000000003AFF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3AFF000
|
| Size: |
4096
|
|
|
4AD0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000003.1300976602.0000000004AD0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4AD0000
|
| Size: |
180224
|
|
|
1070000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1311474242.0000000001070000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1070000
|
| Size: |
16384
|
|
|
A1D000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1310511631.0000000000A1D000.00000040.00000001.01000000.00000006.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
A1D000
|
| Size: |
4096
|
|
|
3A2E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1348546098.0000000003A2E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3A2E000
|
| Size: |
8192
|
|
|
103D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1311432972.000000000103D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
103D000
|
| Size: |
12288
|
|
|
30FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2462456594.00000000030FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
30FF000
|
| Size: |
4096
|
|
|
4EF0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1299607250.0000000004EF0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4EF0000
|
| Size: |
53248
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1230106049.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
467F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1349073800.000000000467F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
467F000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1837171218.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
12F9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1271806918.00000000012F9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12F9000
|
| Size: |
86016
|
|
|
43BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2463786748.00000000043BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
43BF000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1820501846.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
5EFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2466099472.0000000005EFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5EFE000
|
| Size: |
8192
|
|
|
1160000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1291080747.0000000001160000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1160000
|
| Size: |
53248
|
|
|
3DAF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1348646743.0000000003DAF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3DAF000
|
| Size: |
4096
|
|
|
130F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1272642549.000000000130F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
130F000
|
| Size: |
45056
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
3EE000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000007.00000002.1347254178.00000000003EE000.00000080.00000001.01000000.00000009.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
3EE000
|
| Size: |
1748992
|
|
|
494E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1346847374.000000000494E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
494E000
|
| Size: |
8192
|
|
|
4680000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000003.1301774119.0000000004680000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4680000
|
| Size: |
53248
|
|
|
2C2000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1342789198.00000000002C2000.00000040.00000001.01000000.00000009.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
2C2000
|
| Size: |
929792
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the Windows Explorer process (often used for injection) |
HIPS / PFW / Operating System Protection Evasion |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
453F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1348946126.000000000453F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
453F000
|
| Size: |
4096
|
|
|
130F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1271406131.000000000130F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
130F000
|
| Size: |
8192
|
|
|
46CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1346726927.00000000046CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
46CE000
|
| Size: |
8192
|
|
|
5450000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2465002495.0000000005450000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5450000
|
| Size: |
4096
|
|
|
1207000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1311660047.0000000001207000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1207000
|
| Size: |
32768
|
|
|
10BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1347752479.00000000010BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
10BF000
|
| Size: |
4096
|
|
|
5070000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000003.1300566433.0000000005070000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5070000
|
| Size: |
4096
|
|
|
5070000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000003.1300480986.0000000005070000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5070000
|
| Size: |
4096
|
|
|
4DC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1837970939.0000000004DC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DC1000
|
| Size: |
4096
|
|
|
53D0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000003.1818314628.00000000053D0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53D0000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1820707199.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
2CAE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1345076119.0000000002CAE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2CAE000
|
| Size: |
8192
|
|
|
5D5C000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2466001042.0000000005D5C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5D5C000
|
| Size: |
16384
|
|
|
11F0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1218238321.00000000011F0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
11F0000
|
| Size: |
53248
|
|
|
1260000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1311738630.0000000001260000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1260000
|
| Size: |
90112
|
|
|
DA4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000003.1297761530.0000000000DA4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DA4000
|
| Size: |
4096
|
|
|
312F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1348223146.000000000312F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
312F000
|
| Size: |
4096
|
|
|
4DC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1837782429.0000000004DC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DC1000
|
| Size: |
4096
|
|
|
4DC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1838167040.0000000004DC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DC1000
|
| Size: |
4096
|
|
|
3EBF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2463427250.0000000003EBF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3EBF000
|
| Size: |
4096
|
|
|
12AF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1281612454.00000000012AF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12AF000
|
| Size: |
118784
|
|
|
4DBF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2464473668.0000000004DBF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4DBF000
|
| Size: |
4096
|
|
|
408E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1346102553.000000000408E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
408E000
|
| Size: |
8192
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1228477095.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
3E0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1346011057.0000000003E0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3E0E000
|
| Size: |
8192
|
|
|
5410000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2464845771.0000000005410000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5410000
|
| Size: |
4096
|
|
|
4DC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1838086401.0000000004DC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DC1000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1837371312.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1267271970.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
3EFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2463468596.0000000003EFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3EFE000
|
| Size: |
8192
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1222308219.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
3B4F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1345852334.0000000003B4F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3B4F000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1231079679.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
4680000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000003.1298172463.0000000004680000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4680000
|
| Size: |
53248
|
|
|
571E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2465339739.000000000571E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
571E000
|
| Size: |
8192
|
|
|
59AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2465627694.00000000059AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
59AE000
|
| Size: |
8192
|
|
|
42FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1348883607.00000000042FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
42FE000
|
| Size: |
8192
|
|
|
1060000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1311455197.0000000001060000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1060000
|
| Size: |
4096
|
|
|
12D000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000007.00000002.1346883610.000000000012D000.00000008.00000001.01000000.00000009.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
12D000
|
| Size: |
4096
|
|
|
1160000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1298200740.0000000001160000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1160000
|
| Size: |
53248
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1836654721.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
4A50000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1346900925.0000000004A50000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A50000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1266196426.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1269186618.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1269643306.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
53D0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000003.1818059419.00000000053D0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53D0000
|
| Size: |
8192
|
|
|
50F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1347123373.00000000050F0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
50F0000
|
| Size: |
4096
|
|
|
59B000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
0000000B.00000002.2461801371.000000000059B000.00000080.00000001.01000000.00000009.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
59B000
|
| Size: |
8192
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1836993576.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
1370000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2462012327.0000000001370000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1370000
|
| Size: |
16384
|
|
|
685E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1276523891.000000000685E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
685E000
|
| Size: |
4096
|
|
|
2C2F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1348071733.0000000002C2F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2C2F000
|
| Size: |
4096
|
|
|
403F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1348760093.000000000403F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
403F000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1270026926.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
29EF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1347952402.00000000029EF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
29EF000
|
| Size: |
4096
|
|
|
39BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2463097392.00000000039BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
39BF000
|
| Size: |
4096
|
|
|
4DD0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2464505277.0000000004DD0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DD0000
|
| Size: |
8192
|
|
|
12D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1281551404.00000000012D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12D4000
|
| Size: |
73728
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1836838838.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
443E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1348922022.000000000443E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
443E000
|
| Size: |
8192
|
|
|
12F000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.1346903085.000000000012F000.00000040.00000001.01000000.00000009.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
12F000
|
| Size: |
1638400
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1228255719.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1836488112.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1269921634.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
C40000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1347558762.0000000000C40000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
C40000
|
| Size: |
36864
|
|
|
FCC000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2461848765.0000000000FCC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
FCC000
|
| Size: |
16384
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1268916683.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
DA4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000003.1304515391.0000000000DA4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DA4000
|
| Size: |
4096
|
|
|
1220000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1223413959.0000000001220000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1220000
|
| Size: |
53248
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1837311569.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
2FFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2462426731.0000000002FFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2FFE000
|
| Size: |
8192
|
|
|
59B000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000007.00000002.1347418900.000000000059B000.00000080.00000001.01000000.00000009.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
59B000
|
| Size: |
8192
|
|
|
1295000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1311883451.0000000001295000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1295000
|
| Size: |
94208
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1269952117.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1820822064.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1216861193.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
49152
|
|
|
4A71000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1302603157.0000000004A71000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A71000
|
| Size: |
49152
|
|
|
3D0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1313356760.0000000003D0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3D0E000
|
| Size: |
8192
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1820655577.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
498E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1317752989.000000000498E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
498E000
|
| Size: |
8192
|
|
|
DA4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000003.1297716259.0000000000DA4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DA4000
|
| Size: |
4096
|
|
|
2C6E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1345057862.0000000002C6E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2C6E000
|
| Size: |
8192
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1270327409.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
5080000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000003.1224394865.0000000005080000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5080000
|
| Size: |
4096
|
|
|
2FA0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1812479578.0000000002FA0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2FA0000
|
| Size: |
53248
|
|
|
28E7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1347822012.00000000028E7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
28E7000
|
| Size: |
8192
|
|
|
5070000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000003.1300438824.0000000005070000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5070000
|
| Size: |
8192
|
|
|
53D0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000003.1818280323.00000000053D0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53D0000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1836541329.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1229075999.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
11D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1311610713.00000000011D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11D0000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1836886449.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
5060000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000003.1300736718.0000000005060000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5060000
|
| Size: |
4096
|
|
|
12F9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1271406131.00000000012F9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12F9000
|
| Size: |
61440
|
|
|
66CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1318149763.00000000066CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
66CF000
|
| Size: |
4096
|
|
|
4680000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000003.1302932489.0000000004680000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4680000
|
| Size: |
53248
|
|
|
4CA0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000003.1306938579.0000000004CA0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4CA0000
|
| Size: |
4096
|
|
|
53D0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000003.1818187823.00000000053D0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53D0000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1266136838.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1228002248.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
5080000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000003.1224011049.0000000005080000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5080000
|
| Size: |
4096
|
|
|
C0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000007.00000000.1291201587.00000000000C0000.00000002.00000001.01000000.00000009.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
C0000
|
| Size: |
4096
|
|
|
2FA0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1815165172.0000000002FA0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2FA0000
|
| Size: |
53248
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1837398929.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
4D50000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.1349465714.0000000004D50000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D50000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1229049134.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1269338820.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1820879985.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
100A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1344801938.000000000100A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
100A000
|
| Size: |
8192
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1228792346.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1816616279.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1228096982.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
458F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1317569146.000000000458F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
458F000
|
| Size: |
4096
|
|
|
33AF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1348327265.00000000033AF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
33AF000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1230273643.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1836800901.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
49FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2464218083.00000000049FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
49FF000
|
| Size: |
4096
|
|
|
599000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1344672185.0000000000599000.00000040.00000001.01000000.00000009.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
599000
|
| Size: |
8192
|
|
|
A0D000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1310511631.0000000000A0D000.00000040.00000001.01000000.00000006.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
A0D000
|
| Size: |
45056
|
|
|
12D000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000007.00000000.1291405526.000000000012D000.00000008.00000001.01000000.00000009.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
12D000
|
| Size: |
4096
|
|
|
12F000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000001.1293137462.000000000012F000.00000040.00000001.01000000.00000009.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
image loaded
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
12F000
|
| Size: |
1638400
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1837131676.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
6F0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000001.00000000.1210828643.00000000006F0000.00000002.00000001.01000000.00000006.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
6F0000
|
| Size: |
4096
|
|
|
5460000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2465049373.0000000005460000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5460000
|
| Size: |
4096
|
|
|
3D6000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.1346903085.00000000003D6000.00000040.00000001.01000000.00000009.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
3D6000
|
| Size: |
24576
|
|
|
3CAE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1348623121.0000000003CAE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3CAE000
|
| Size: |
8192
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1272264236.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
4A8F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1317774424.0000000004A8F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4A8F000
|
| Size: |
4096
|
|
|
2FA0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1814440692.0000000002FA0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2FA0000
|
| Size: |
53248
|
|
|
378F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1345626929.000000000378F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
378F000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1272427800.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
380E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1312645933.000000000380E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
380E000
|
| Size: |
8192
|
|
|
123E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1311738630.000000000123E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
123E000
|
| Size: |
135168
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1837152035.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
C0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1341531406.00000000000C0000.00000004.00000001.01000000.00000009.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
C0000
|
| Size: |
4096
|
|
|
377E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2462962291.000000000377E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
377E000
|
| Size: |
8192
|
|
|
11F0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1221723194.00000000011F0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
11F0000
|
| Size: |
53248
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1820444679.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
3A0F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1345737785.0000000003A0F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3A0F000
|
| Size: |
4096
|
|
|
C1000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000007.00000000.1291281502.00000000000C1000.00000080.00000001.01000000.00000009.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
C1000
|
| Size: |
188416
|
|
|
1160000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1296535053.0000000001160000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1160000
|
| Size: |
53248
|
|
|
390F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1312738115.000000000390F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
390F000
|
| Size: |
4096
|
|
|
50E0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1347101874.00000000050E0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
50E0000
|
| Size: |
4096
|
|
|
337F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2462656026.000000000337F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
337F000
|
| Size: |
4096
|
|
|
11F0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1221385143.00000000011F0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
11F0000
|
| Size: |
53248
|
|
|
142E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1312029030.000000000142E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
142E000
|
| Size: |
8192
|
|
|
354E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1345525414.000000000354E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
354E000
|
| Size: |
8192
|
|
|
12E7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1277261140.00000000012E7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E7000
|
| Size: |
4096
|
|
|
33EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1348347187.00000000033EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
33EE000
|
| Size: |
8192
|
|
|
4680000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000003.1301386743.0000000004680000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4680000
|
| Size: |
53248
|
|
|
5214000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1318063273.0000000005214000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5214000
|
| Size: |
12288
|
|
|
1175000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1344939124.0000000001175000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1175000
|
| Size: |
8192
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1269019839.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
56DF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2465284632.00000000056DF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
56DF000
|
| Size: |
4096
|
|
|
1150000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1344908539.0000000001150000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1150000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1810990003.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
5080000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000003.1224217791.0000000005080000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5080000
|
| Size: |
4096
|
|
|
C0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
0000000B.00000000.1806032236.00000000000C0000.00000002.00000001.01000000.00000009.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
C0000
|
| Size: |
4096
|
|
|
304F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1312143910.000000000304F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
304F000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1816655871.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
4C5F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1349215318.0000000004C5F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4C5F000
|
| Size: |
4096
|
|
|
3ED000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2460448321.00000000003ED000.00000040.00000001.01000000.00000009.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
3ED000
|
| Size: |
4096
|
|
|
DA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1347686459.0000000000DA0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DA0000
|
| Size: |
16384
|
|
|
559B000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2465210368.000000000559B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
559B000
|
| Size: |
20480
|
|
|
4680000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000003.1300338240.0000000004680000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4680000
|
| Size: |
53248
|
|
|
118E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1311521086.000000000118E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
118E000
|
| Size: |
8192
|
|
|
6F0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1310374701.00000000006F0000.00000004.00000001.01000000.00000006.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
6F0000
|
| Size: |
4096
|
|
|
5430000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2464918918.0000000005430000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5430000
|
| Size: |
4096
|
|
|
4CE0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.1349295744.0000000004CE0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4CE0000
|
| Size: |
4096
|
|
|
50D0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1347083317.00000000050D0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
50D0000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1836271219.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
3ED000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1342789198.00000000003ED000.00000040.00000001.01000000.00000009.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
3ED000
|
| Size: |
4096
|
|
|
37CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1312613569.00000000037CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
37CF000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1836955737.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1837294367.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1229229804.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1820673123.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
4DC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1838139967.0000000004DC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DC1000
|
| Size: |
4096
|
|
|
3E4E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1314282009.0000000003E4E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3E4E000
|
| Size: |
8192
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1821043641.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
326F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1348284149.000000000326F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
326F000
|
| Size: |
4096
|
|
|
5B1D000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2465775254.0000000005B1D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5B1D000
|
| Size: |
12288
|
|
|
12AE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1281759781.00000000012AE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12AE000
|
| Size: |
4096
|
|
|
11F0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1220375842.00000000011F0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
11F0000
|
| Size: |
53248
|
|
|
363E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2462878588.000000000363E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
363E000
|
| Size: |
8192
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1836636027.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
4DC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1837611754.0000000004DC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DC1000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1230079504.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1271087160.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
53D0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000003.1818152335.00000000053D0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53D0000
|
| Size: |
4096
|
|
|
2DCF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1312068813.0000000002DCF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2DCF000
|
| Size: |
4096
|
|
|
12D000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000005.00000000.1280138587.000000000012D000.00000008.00000001.01000000.00000009.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
12D000
|
| Size: |
4096
|
|
|
3DCF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1345993850.0000000003DCF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3DCF000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1228295099.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
4D40000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.1349444514.0000000004D40000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D40000
|
| Size: |
4096
|
|
|
FB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1344764134.0000000000FB0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
FB0000
|
| Size: |
4096
|
|
|
1497000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2462059724.0000000001497000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1497000
|
| Size: |
8192
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1821115483.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
DA4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000003.1304437825.0000000000DA4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DA4000
|
| Size: |
4096
|
|
|
5070000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000003.1300597649.0000000005070000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5070000
|
| Size: |
4096
|
|
|
4A71000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1298803035.0000000004A71000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A71000
|
| Size: |
4096
|
|
|
304F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1345284125.000000000304F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
304F000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1820561551.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
5200000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1813711647.0000000005200000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5200000
|
| Size: |
151552
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1271335032.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1228044037.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
373F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2462917518.000000000373F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
373F000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1272545343.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
47BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2464105753.00000000047BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47BE000
|
| Size: |
8192
|
|
|
3D6000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2460448321.00000000003D6000.00000040.00000001.01000000.00000009.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
3D6000
|
| Size: |
24576
|
|
|
581E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2465383241.000000000581E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
581E000
|
| Size: |
8192
|
|
|
E5C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1344716240.0000000000E5C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E5C000
|
| Size: |
16384
|
|
|
403E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2463560268.000000000403E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
403E000
|
| Size: |
8192
|
|
|
3ED000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.1346903085.00000000003ED000.00000040.00000001.01000000.00000009.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
3ED000
|
| Size: |
4096
|
|
|
12D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1281551404.00000000012D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12D0000
|
| Size: |
12288
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1820987775.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
4680000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000003.1298555823.0000000004680000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4680000
|
| Size: |
53248
|
|
|
C00000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1347486685.0000000000C00000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
C00000
|
| Size: |
4096
|
|
|
75D000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000001.00000000.1210876087.000000000075D000.00000008.00000001.01000000.00000006.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
75D000
|
| Size: |
4096
|
|
|
1160000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1297095988.0000000001160000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1160000
|
| Size: |
53248
|
|
|
52B5000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1817827669.00000000052B5000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
52B5000
|
| Size: |
12288
|
|
|
C0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2460060263.00000000000C0000.00000004.00000001.01000000.00000009.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
C0000
|
| Size: |
4096
|
|
|
5210000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1318063273.0000000005210000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5210000
|
| Size: |
8192
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1222230211.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
502F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1346965676.000000000502F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
502F000
|
| Size: |
4096
|
|
|
368F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1312489005.000000000368F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
368F000
|
| Size: |
4096
|
|
|
43FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1348903426.00000000043FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
43FF000
|
| Size: |
4096
|
|
|
354F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1312428840.000000000354F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
354F000
|
| Size: |
4096
|
|
|
75F000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1310511631.000000000075F000.00000040.00000001.01000000.00000006.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
75F000
|
| Size: |
1638400
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1836369498.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
538F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2464674578.000000000538F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
538F000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1836612095.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1821083864.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
1160000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1297798690.0000000001160000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1160000
|
| Size: |
53248
|
|
|
11F0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1218585267.00000000011F0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
11F0000
|
| Size: |
53248
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1228875737.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
53D0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000003.1818233678.00000000053D0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53D0000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1820970983.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1230155494.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
4D20000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.1349398662.0000000004D20000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D20000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1228715417.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1837207171.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1821062039.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
4CA0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000003.1306974847.0000000004CA0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4CA0000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1836975374.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1820542708.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
FBE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1347732367.0000000000FBE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
FBE000
|
| Size: |
8192
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1227105458.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
53E0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2464717765.00000000053E0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53E0000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1226967578.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
1160000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1295339398.0000000001160000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1160000
|
| Size: |
53248
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1837087454.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
5080000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000003.1224071599.0000000005080000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5080000
|
| Size: |
4096
|
|
|
3EE000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000005.00000002.1344530740.00000000003EE000.00000080.00000001.01000000.00000009.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
3EE000
|
| Size: |
1748992
|
|
|
5080000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000003.1224301451.0000000005080000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5080000
|
| Size: |
4096
|
|
|
2FA0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1815508266.0000000002FA0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2FA0000
|
| Size: |
53248
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1272478804.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
362F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1348404035.000000000362F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
362F000
|
| Size: |
4096
|
|
|
FC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1311383138.0000000000FC0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
FC0000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1820729785.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
504F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1317855725.000000000504F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
504F000
|
| Size: |
4096
|
|
|
756000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1310394274.0000000000756000.00000040.00000001.01000000.00000006.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
756000
|
| Size: |
16384
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1821007990.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
394E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1312763399.000000000394E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
394E000
|
| Size: |
8192
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1272387416.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1820268381.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
4CD0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.1349274187.0000000004CD0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4CD0000
|
| Size: |
4096
|
|
|
C30000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1347521159.0000000000C30000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
C30000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1810919989.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1837331072.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
12B6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1311927040.00000000012B6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12B6000
|
| Size: |
90112
|
|
|
5250000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1817677771.0000000005250000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
5250000
|
| Size: |
53248
|
|
|
41BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1348835557.00000000041BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
41BE000
|
| Size: |
8192
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1272318327.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
6990000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1318228460.0000000006990000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6990000
|
| Size: |
12288
|
|
|
1000000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1344801938.0000000001000000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1000000
|
| Size: |
32768
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1837480012.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1226757735.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
49152
|
|
|
DA4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000003.1297805366.0000000000DA4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DA4000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1268732816.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
4CA0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000003.1307122126.0000000004CA0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4CA0000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1266169168.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
3B6E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1348584135.0000000003B6E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3B6E000
|
| Size: |
8192
|
|
|
46CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1317610717.00000000046CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
46CF000
|
| Size: |
4096
|
|
|
40CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1317330067.00000000040CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
40CE000
|
| Size: |
8192
|
|
|
5DFD000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2466061260.0000000005DFD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5DFD000
|
| Size: |
12288
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1272077025.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
3DEE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1348668961.0000000003DEE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3DEE000
|
| Size: |
8192
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1820524461.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
4B20000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000003.1305581673.0000000004B20000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4B20000
|
| Size: |
53248
|
|
|
3A4F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1312789839.0000000003A4F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3A4F000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1836780649.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1272348802.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1820933911.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1266105173.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
477F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2464066165.000000000477F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
477F000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1267848000.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
A1E000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000001.00000002.1311102906.0000000000A1E000.00000080.00000001.01000000.00000006.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
A1E000
|
| Size: |
1748992
|
|
|
417E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2463659778.000000000417E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
417E000
|
| Size: |
8192
|
|
|
2FA0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1812037509.0000000002FA0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2FA0000
|
| Size: |
53248
|
|
|
6851000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1276523891.0000000006851000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6851000
|
| Size: |
4096
|
|
|
5070000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000003.1300508540.0000000005070000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5070000
|
| Size: |
4096
|
|
|
34FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2462783111.00000000034FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
34FE000
|
| Size: |
8192
|
|
|
12E5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1277933676.00000000012E5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E5000
|
| Size: |
4096
|
|
|
C0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000005.00000000.1279701347.00000000000C0000.00000002.00000001.01000000.00000009.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
C0000
|
| Size: |
4096
|
|
|
36CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1312580941.00000000036CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
36CE000
|
| Size: |
8192
|
|
|
352E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1348384600.000000000352E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
352E000
|
| Size: |
8192
|
|
|
126000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2460152541.0000000000126000.00000040.00000001.01000000.00000009.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
126000
|
| Size: |
16384
|
|
|
1200000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1311660047.0000000001200000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1200000
|
| Size: |
20480
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1836718006.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1821183129.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
1301000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1277261140.0000000001301000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1301000
|
| Size: |
139264
|
|
|
4C80000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000003.1307159218.0000000004C80000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C80000
|
| Size: |
4096
|
|
|
1277000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1311738630.0000000001277000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1277000
|
| Size: |
20480
|
|
|
2FB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2462327931.0000000002FB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2FB0000
|
| Size: |
16384
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1229181120.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
3FFF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2463516820.0000000003FFF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3FFF000
|
| Size: |
4096
|
|
|
2D2E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1345182350.0000000002D2E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2D2E000
|
| Size: |
8192
|
|
|
5070000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000003.1300617812.0000000005070000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5070000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1222262586.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1837277123.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
706C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1318436443.000000000706C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
706C000
|
| Size: |
16384
|
|
|
38CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1345662530.00000000038CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
38CF000
|
| Size: |
4096
|
|
|
5080000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000003.1224128039.0000000005080000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5080000
|
| Size: |
4096
|
|
|
12FE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1272642549.00000000012FE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12FE000
|
| Size: |
4096
|
|
|
37AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1348471812.00000000037AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
37AE000
|
| Size: |
8192
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1269428205.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1228524200.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
5480000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2465136607.0000000005480000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5480000
|
| Size: |
4096
|
|
|
528C000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2464635086.000000000528C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
528C000
|
| Size: |
16384
|
|
|
323F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2462562392.000000000323F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
323F000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1269215168.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
4CC0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.1349253126.0000000004CC0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4CC0000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1269158769.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
5250000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1817345258.0000000005250000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
5250000
|
| Size: |
53248
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1270519458.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
5C5D000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2465947053.0000000005C5D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5C5D000
|
| Size: |
12288
|
|
|
5080000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1346984103.0000000005080000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5080000
|
| Size: |
4096
|
|
|
50B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1347035213.00000000050B0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
50B0000
|
| Size: |
4096
|
|
|
316E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1348240815.000000000316E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
316E000
|
| Size: |
8192
|
|
|
11F0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1220726705.00000000011F0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
11F0000
|
| Size: |
53248
|
|
|
5110000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1347167176.0000000005110000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5110000
|
| Size: |
4096
|
|
|
126000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.1346772088.0000000000126000.00000040.00000001.01000000.00000009.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
126000
|
| Size: |
16384
|
|
|
4DC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1810795325.0000000004DC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DC1000
|
| Size: |
49152
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1816768434.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
42BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1348855564.00000000042BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
42BF000
|
| Size: |
4096
|
|
|
4CB0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.1349232186.0000000004CB0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4CB0000
|
| Size: |
4096
|
|
|
12F2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1271865252.00000000012F2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12F2000
|
| Size: |
28672
|
|
|
1321000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1273132349.0000000001321000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1321000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1268946497.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
5040000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000003.1300806721.0000000005040000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5040000
|
| Size: |
4096
|
|
|
4691000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000003.1309137302.0000000004691000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4691000
|
| Size: |
49152
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1222162981.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
233472
|
|
|
4CA0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000003.1306834741.0000000004CA0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4CA0000
|
| Size: |
4096
|
|
|
5470000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2465097018.0000000005470000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5470000
|
| Size: |
4096
|
|
|
4CA0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000003.1306870395.0000000004CA0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4CA0000
|
| Size: |
4096
|
|
|
408F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1317271065.000000000408F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
408F000
|
| Size: |
4096
|
|
|
387F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2463008195.000000000387F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
387F000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1820842615.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
2F90000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2462306949.0000000002F90000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2F90000
|
| Size: |
4096
|
|
|
2FB7000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2462327931.0000000002FB7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2FB7000
|
| Size: |
12288
|
|
|
364F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1345542035.000000000364F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
364F000
|
| Size: |
4096
|
|
|
4D00000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.1349335524.0000000004D00000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D00000
|
| Size: |
4096
|
|
|
38AF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1348492937.00000000038AF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
38AF000
|
| Size: |
4096
|
|
|
C0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1346748462.00000000000C0000.00000004.00000001.01000000.00000009.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
C0000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1837497267.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1229969991.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1229370213.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
1160000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1295826721.0000000001160000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1160000
|
| Size: |
53248
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1267234120.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1271298740.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1229344604.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1228613471.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
470E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1317634999.000000000470E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
470E000
|
| Size: |
8192
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1836680742.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
1489000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2462059724.0000000001489000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1489000
|
| Size: |
45056
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1837518865.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
DA4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000003.1304676041.0000000000DA4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DA4000
|
| Size: |
4096
|
|
|
D7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1347653359.0000000000D7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
D7E000
|
| Size: |
8192
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1837537194.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
A06000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1310511631.0000000000A06000.00000040.00000001.01000000.00000006.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
A06000
|
| Size: |
24576
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1837418835.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
4680000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000003.1303937696.0000000004680000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4680000
|
| Size: |
53248
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1820630279.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1837069356.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
448E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1317537123.000000000448E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
448E000
|
| Size: |
8192
|
|
|
12DB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1277933676.00000000012DB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12DB000
|
| Size: |
32768
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1271270156.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
4B5E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1349190222.0000000004B5E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4B5E000
|
| Size: |
8192
|
|
|
314F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1345310330.000000000314F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
314F000
|
| Size: |
4096
|
|
|
6850000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1276740193.0000000006850000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6850000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1837242647.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1836932567.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
2CEE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1345159225.0000000002CEE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2CEE000
|
| Size: |
8192
|
|
|
11CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1311556569.00000000011CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
11CE000
|
| Size: |
8192
|
|
|
6860000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1276523891.0000000006860000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6860000
|
| Size: |
8192
|
|
|
4CA0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000003.1307003029.0000000004CA0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4CA0000
|
| Size: |
4096
|
|
|
3A8000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2460448321.00000000003A8000.00000040.00000001.01000000.00000009.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
3A8000
|
| Size: |
122880
|
|
|
490F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1346815079.000000000490F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
490F000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1265558958.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
45CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1317590266.00000000045CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
45CE000
|
| Size: |
8192
|
|
|
5C1D000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2465839115.0000000005C1D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5C1D000
|
| Size: |
12288
|
|
|
53D0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000003.1818096770.00000000053D0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53D0000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1820347197.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
376F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1348451745.000000000376F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
376F000
|
| Size: |
4096
|
|
|
454F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1346612236.000000000454F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
454F000
|
| Size: |
4096
|
|
|
3EE000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
0000000B.00000002.2461379385.00000000003EE000.00000080.00000001.01000000.00000009.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
3EE000
|
| Size: |
1748992
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1837459594.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
3F8E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1316924293.0000000003F8E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3F8E000
|
| Size: |
8192
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1837225092.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
6ACB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1318274092.0000000006ACB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6ACB000
|
| Size: |
20480
|
|
|
126000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1341558629.0000000000126000.00000040.00000001.01000000.00000009.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
126000
|
| Size: |
16384
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1228815781.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
599000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2461766135.0000000000599000.00000040.00000001.01000000.00000009.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
599000
|
| Size: |
8192
|
|
|
4A71000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1298687548.0000000004A71000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A71000
|
| Size: |
241664
|
|
|
3B3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2463228938.0000000003B3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3B3E000
|
| Size: |
8192
|
|
|
1075000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1311474242.0000000001075000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1075000
|
| Size: |
8192
|
|
|
E5B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1311336024.0000000000E5B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E5B000
|
| Size: |
20480
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1820797363.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
1230000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1311738630.0000000001230000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1230000
|
| Size: |
36864
|
|
|
358E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1312466416.000000000358E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
358E000
|
| Size: |
8192
|
|
|
413F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2463613270.000000000413F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
413F000
|
| Size: |
4096
|
|
|
50A0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1347018864.00000000050A0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
50A0000
|
| Size: |
4096
|
|
|
3CCE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1345922036.0000000003CCE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3CCE000
|
| Size: |
8192
|
|
|
4A71000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1298752424.0000000004A71000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A71000
|
| Size: |
4096
|
|
|
A1D000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000001.00000000.1210894971.0000000000A1D000.00000080.00000001.01000000.00000006.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
A1D000
|
| Size: |
1769472
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1228178181.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
2EAF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1348149761.0000000002EAF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2EAF000
|
| Size: |
4096
|
|
|
28E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1347822012.00000000028E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
28E0000
|
| Size: |
16384
|
|
|
340F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1312372015.000000000340F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
340F000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1837437085.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
BCB000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000001.00000002.1311312488.0000000000BCB000.00000080.00000001.01000000.00000006.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
BCB000
|
| Size: |
8192
|
|
|
407E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1348780810.000000000407E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
407E000
|
| Size: |
8192
|
|
|
4CF0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.1349317093.0000000004CF0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4CF0000
|
| Size: |
4096
|
|
|
C1000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
0000000B.00000000.1806062998.00000000000C1000.00000080.00000001.01000000.00000009.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
C1000
|
| Size: |
188416
|
|
|
4EB0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1295404756.0000000004EB0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4EB0000
|
| Size: |
180224
|
|
|
7070000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1318464112.0000000007070000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7070000
|
| Size: |
81920
|
|
|
3B2F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1348565472.0000000003B2F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3B2F000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1267564471.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
4DC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2464505277.0000000004DC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DC0000
|
| Size: |
36864
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1229922020.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1268151164.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
6F6C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1318415670.0000000006F6C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6F6C000
|
| Size: |
16384
|
|
|
4B20000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000003.1306177087.0000000004B20000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4B20000
|
| Size: |
53248
|
|
|
4680000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000003.1302152205.0000000004680000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4680000
|
| Size: |
53248
|
|
|
41CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1346184667.00000000041CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
41CE000
|
| Size: |
8192
|
|
|
35FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2462829882.00000000035FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
35FF000
|
| Size: |
4096
|
|
|
1301000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1311976971.0000000001301000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1301000
|
| Size: |
139264
|
|
|
5090000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1347001581.0000000005090000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5090000
|
| Size: |
4096
|
|
|
3B8E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1345868057.0000000003B8E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3B8E000
|
| Size: |
8192
|
|
|
3CCF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1313300438.0000000003CCF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3CCF000
|
| Size: |
4096
|
|
|
480F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1317662714.000000000480F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
480F000
|
| Size: |
4096
|
|
|
3EEE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1348697976.0000000003EEE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3EEE000
|
| Size: |
8192
|
|
|
5080000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000003.1224185764.0000000005080000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5080000
|
| Size: |
4096
|
|
|
3D7F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2463347240.0000000003D7F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3D7F000
|
| Size: |
4096
|
|
|
1360000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2461972140.0000000001360000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1360000
|
| Size: |
8192
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1265739350.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
390E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1345719061.000000000390E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
390E000
|
| Size: |
8192
|
|
|
11F0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1217549048.00000000011F0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
11F0000
|
| Size: |
53248
|
|
|
5070000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000003.1300642195.0000000005070000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5070000
|
| Size: |
4096
|
|
|
3F4E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1346053026.0000000003F4E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3F4E000
|
| Size: |
8192
|
|
|
113E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1344883974.000000000113E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
113E000
|
| Size: |
8192
|
|
|
DA4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000003.1297675460.0000000000DA4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DA4000
|
| Size: |
4096
|
|
|
2B2E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1348026791.0000000002B2E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2B2E000
|
| Size: |
8192
|
|
|
302E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1348205663.000000000302E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
302E000
|
| Size: |
8192
|
|
|
DA4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000003.1297649810.0000000000DA4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DA4000
|
| Size: |
4096
|
|
|
4DC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1838001364.0000000004DC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DC1000
|
| Size: |
4096
|
|
|
2FEF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1348185424.0000000002FEF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2FEF000
|
| Size: |
4096
|
|
|
330E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1312330218.000000000330E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
330E000
|
| Size: |
8192
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1820408839.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
2E4F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1345245137.0000000002E4F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2E4F000
|
| Size: |
4096
|
|
|
FD0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1311413979.0000000000FD0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
FD0000
|
| Size: |
8192
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1816581825.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
4D10000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.1349357010.0000000004D10000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D10000
|
| Size: |
4096
|
|
|
2AEF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1347975213.0000000002AEF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2AEF000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1836753888.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1268883002.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1837011472.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
6F1000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000001.00000000.1210844070.00000000006F1000.00000080.00000001.01000000.00000006.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
6F1000
|
| Size: |
188416
|
|
|
350F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1345511330.000000000350F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
350F000
|
| Size: |
4096
|
|
|
637E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1318094365.000000000637E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
637E000
|
| Size: |
8192
|
|
|
4DC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1837692506.0000000004DC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DC1000
|
| Size: |
4096
|
|
|
4CA0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000003.1306795888.0000000004CA0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4CA0000
|
| Size: |
8192
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1272570951.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
5AAF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2465688256.0000000005AAF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5AAF000
|
| Size: |
4096
|
|
|
4680000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000003.1303499793.0000000004680000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4680000
|
| Size: |
53248
|
|
|
99D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1347465145.000000000099D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
99D000
|
| Size: |
12288
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1820605818.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
42CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1346242390.00000000042CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
42CF000
|
| Size: |
4096
|
|
|
3A4E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1345833824.0000000003A4E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3A4E000
|
| Size: |
8192
|
|
|
53B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000003.1818387702.00000000053B0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53B0000
|
| Size: |
4096
|
|
|
5120000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1347201355.0000000005120000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5120000
|
| Size: |
4096
|
|
|
2F0F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1312109057.0000000002F0F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2F0F000
|
| Size: |
4096
|
|
|
4CA0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000003.1307087244.0000000004CA0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4CA0000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1811011022.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1272294002.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
12D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1311954744.00000000012D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12D4000
|
| Size: |
73728
|
|
|
2D6F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1348114468.0000000002D6F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2D6F000
|
| Size: |
4096
|
|
|
5130000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1318044923.0000000005130000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5130000
|
| Size: |
4096
|
|
|
4C7F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2464386666.0000000004C7F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4C7F000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1837105337.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
5100000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1347145901.0000000005100000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5100000
|
| Size: |
4096
|
|
|
4A71000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1290704270.0000000004A71000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A71000
|
| Size: |
49152
|
|
|
5070000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000003.1300691947.0000000005070000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5070000
|
| Size: |
4096
|
|
|
404F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1346080658.000000000404F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
404F000
|
| Size: |
4096
|
|
|
100E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1344801938.000000000100E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
100E000
|
| Size: |
155648
|
|
|
39EF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1348529334.00000000039EF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
39EF000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1230393191.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
5100000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1317987067.0000000005100000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5100000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1227759623.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
33CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1345478632.00000000033CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
33CF000
|
| Size: |
4096
|
|
|
12AE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1311909382.00000000012AE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12AE000
|
| Size: |
4096
|
|
|
47CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1346757675.00000000047CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47CF000
|
| Size: |
4096
|
|
|
1459000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2462059724.0000000001459000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1459000
|
| Size: |
90112
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
| URLs found in memory or binary data |
Networking |
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1230614501.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
3D6000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1342789198.00000000003D6000.00000040.00000001.01000000.00000009.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
3D6000
|
| Size: |
24576
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1266806956.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1269240158.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1268773499.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
DA4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000003.1309177905.0000000000DA4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DA4000
|
| Size: |
4096
|
|
|
4F55000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1300118568.0000000004F55000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4F55000
|
| Size: |
12288
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1271702821.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
4A70000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1346924790.0000000004A70000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A70000
|
| Size: |
4096
|
|
|
4A4F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1346881502.0000000004A4F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4A4F000
|
| Size: |
4096
|
|
|
3DD000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1342789198.00000000003DD000.00000040.00000001.01000000.00000009.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
3DD000
|
| Size: |
45056
|
|
|
1291000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1311861971.0000000001291000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1291000
|
| Size: |
12288
|
|
|
2EEE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1348167025.0000000002EEE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2EEE000
|
| Size: |
8192
|
|
|
12D000
|
unkown
|
page write copy
|
|
|
|
| Name: |
0000000B.00000002.2460390521.000000000012D000.00000008.00000001.01000000.00000009.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
12D000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1265595638.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
39FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2463141979.00000000039FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
39FE000
|
| Size: |
8192
|
|
|
2C6E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1348094616.0000000002C6E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2C6E000
|
| Size: |
8192
|
|
|
3C7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2463301658.0000000003C7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3C7E000
|
| Size: |
8192
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1837189563.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
BC9000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1311296454.0000000000BC9000.00000040.00000001.01000000.00000006.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
BC9000
|
| Size: |
8192
|
|
|
4C90000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000003.1307188367.0000000004C90000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C90000
|
| Size: |
4096
|
|
|
4AA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1317793512.0000000004AA0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4AA0000
|
| Size: |
8192
|
|
|
53F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2464760748.00000000053F0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53F0000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1269128122.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1228969750.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
1160000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1294042614.0000000001160000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1160000
|
| Size: |
53248
|
|
|
DA4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000003.1309200020.0000000000DA4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DA4000
|
| Size: |
4096
|
|
|
4680000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000003.1300834072.0000000004680000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4680000
|
| Size: |
53248
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1265526164.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
4DC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1838057695.0000000004DC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DC1000
|
| Size: |
4096
|
|
|
420E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1317410325.000000000420E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
420E000
|
| Size: |
8192
|
|
|
42BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2463746675.00000000042BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
42BE000
|
| Size: |
8192
|
|
|
59B000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000005.00000002.1344690963.000000000059B000.00000080.00000001.01000000.00000009.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
59B000
|
| Size: |
8192
|
|
|
2DAE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1348134147.0000000002DAE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2DAE000
|
| Size: |
8192
|
|
|
344E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1312397135.000000000344E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
344E000
|
| Size: |
8192
|
|
|
6D0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1318391605.0000000006D0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6D0E000
|
| Size: |
8192
|
|
|
4DC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1838030168.0000000004DC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DC1000
|
| Size: |
4096
|
|
|
44FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2463908490.00000000044FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
44FE000
|
| Size: |
8192
|
|
|
3A8000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1342789198.00000000003A8000.00000040.00000001.01000000.00000009.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
3A8000
|
| Size: |
122880
|
|
|
1160000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1298571036.0000000001160000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1160000
|
| Size: |
53248
|
|
|
1294000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1281802638.0000000001294000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1294000
|
| Size: |
98304
|
|
|
4680000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000003.1299934963.0000000004680000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4680000
|
| Size: |
53248
|
|
|
453E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2463937989.000000000453E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
453E000
|
| Size: |
8192
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1272236174.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
7071000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1273099434.0000000007071000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7071000
|
| Size: |
262144
|
|
|
463E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2463983806.000000000463E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
463E000
|
| Size: |
8192
|
|
|
4680000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000003.1302537964.0000000004680000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4680000
|
| Size: |
53248
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1837259810.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
33BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2462705641.00000000033BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
33BE000
|
| Size: |
8192
|
|
|
2FA0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1816359253.0000000002FA0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2FA0000
|
| Size: |
53248
|
|
|
6994000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1318228460.0000000006994000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6994000
|
| Size: |
4096
|
|
|
C1000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000005.00000000.1279799899.00000000000C1000.00000080.00000001.01000000.00000009.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
C1000
|
| Size: |
188416
|
|
|
38BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2463054287.00000000038BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
38BE000
|
| Size: |
8192
|
|
|
1160000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1297437954.0000000001160000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1160000
|
| Size: |
53248
|
|
|
2C2000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.1346903085.00000000002C2000.00000040.00000001.01000000.00000009.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
2C2000
|
| Size: |
929792
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the Windows Explorer process (often used for injection) |
HIPS / PFW / Operating System Protection Evasion |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
523C000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2464599979.000000000523C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
523C000
|
| Size: |
16384
|
|
|
6BCC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1318321699.0000000006BCC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6BCC000
|
| Size: |
16384
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1272516301.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
2FBD000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2462327931.0000000002FBD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2FBD000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1820690388.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
12F000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1342789198.000000000012F000.00000040.00000001.01000000.00000009.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
12F000
|
| Size: |
1638400
|
|
|
5440000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2464961621.0000000005440000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5440000
|
| Size: |
4096
|
|
|
63C6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1276809141.00000000063C6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
63C6000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1837051411.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
C4B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1347558762.0000000000C4B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
C4B000
|
| Size: |
53248
|
|
|
50A0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1317886293.00000000050A0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
50A0000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1836341510.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
4A3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2464260395.0000000004A3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4A3E000
|
| Size: |
8192
|
|
|
3A8000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.1346903085.00000000003A8000.00000040.00000001.01000000.00000009.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
3A8000
|
| Size: |
122880
|
|
|
3E0F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1314145469.0000000003E0F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3E0F000
|
| Size: |
4096
|
|
|
313B000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2462511472.000000000313B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
313B000
|
| Size: |
20480
|
|
|
3F0F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1346030256.0000000003F0F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3F0F000
|
| Size: |
4096
|
|
|
457E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1348977829.000000000457E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
457E000
|
| Size: |
8192
|
|
|
6860000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1276740193.0000000006860000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6860000
|
| Size: |
8192
|
|
|
3B8F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1312965804.0000000003B8F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3B8F000
|
| Size: |
4096
|
|
|
DA4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000003.1297735121.0000000000DA4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DA4000
|
| Size: |
4096
|
|
|
4F2E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1346943293.0000000004F2E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4F2E000
|
| Size: |
8192
|
|
|
2FA0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1811655484.0000000002FA0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2FA0000
|
| Size: |
53248
|
|
|
417F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1348809029.000000000417F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
417F000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1229026536.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
50C0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1347061432.00000000050C0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
50C0000
|
| Size: |
4096
|
|
|
4EF0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1299970753.0000000004EF0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4EF0000
|
| Size: |
53248
|
|
|
5060000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000003.1224480004.0000000005060000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5060000
|
| Size: |
4096
|
|
|
134F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1344983436.000000000134F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
134F000
|
| Size: |
4096
|
|
|
5120000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1318025321.0000000005120000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5120000
|
| Size: |
4096
|
|
|
8F2000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1310511631.00000000008F2000.00000040.00000001.01000000.00000006.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
8F2000
|
| Size: |
929792
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the Windows Explorer process (often used for injection) |
HIPS / PFW / Operating System Protection Evasion |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1269486234.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
430E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1346509456.000000000430E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
430E000
|
| Size: |
8192
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1228747721.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
430F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1317461014.000000000430F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
430F000
|
| Size: |
4096
|
|
|
2E0B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1312088195.0000000002E0B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2E0B000
|
| Size: |
20480
|
|
|
DA4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000003.1304789006.0000000000DA4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DA4000
|
| Size: |
4096
|
|
|
53D0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000003.1818258724.00000000053D0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53D0000
|
| Size: |
4096
|
|
|
34BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2462738245.00000000034BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
34BF000
|
| Size: |
4096
|
|
|
6820000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1318208933.0000000006820000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6820000
|
| Size: |
4096
|
|
|
595F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2465549667.000000000595F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
595F000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1265866256.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1837350831.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
467E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2464022241.000000000467E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
467E000
|
| Size: |
8192
|
|
|
468F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1346659539.000000000468F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
468F000
|
| Size: |
4096
|
|
|
DA4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000003.1297823982.0000000000DA4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DA4000
|
| Size: |
4096
|
|
|
440F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1346534639.000000000440F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
440F000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1229993375.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
2FA0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1815913372.0000000002FA0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2FA0000
|
| Size: |
53248
|
|
|
5420000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2464887867.0000000005420000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5420000
|
| Size: |
4096
|
|
|
494F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1317732175.000000000494F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
494F000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1820753278.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
50E0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1317948859.00000000050E0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
50E0000
|
| Size: |
4096
|
|
|
318E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1345333256.000000000318E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
318E000
|
| Size: |
8192
|
|
|
32AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1348308661.00000000032AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
32AE000
|
| Size: |
8192
|
|
|
1160000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1295012615.0000000001160000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1160000
|
| Size: |
53248
|
|
|
1470000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2462059724.0000000001470000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1470000
|
| Size: |
98304
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3C3F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2463258033.0000000003C3F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3C3F000
|
| Size: |
4096
|
|
|
1290000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1281862674.0000000001290000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1290000
|
| Size: |
16384
|
|
|
4B7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2464344973.0000000004B7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4B7E000
|
| Size: |
8192
|
|
|
444E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1346595687.000000000444E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
444E000
|
| Size: |
8192
|
|
|
308E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1312162987.000000000308E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
308E000
|
| Size: |
8192
|
|
|
289E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1347775384.000000000289E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
289E000
|
| Size: |
8192
|
|
|
2FA0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1814110145.0000000002FA0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2FA0000
|
| Size: |
53248
|
|
|
12EE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1277261140.00000000012EE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12EE000
|
| Size: |
73728
|
|
|
12E5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1277597724.00000000012E5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E5000
|
| Size: |
4096
|
|
|
3F4F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1315152593.0000000003F4F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3F4F000
|
| Size: |
4096
|
|
|
4A71000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1298845059.0000000004A71000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A71000
|
| Size: |
4096
|
|
|
F7F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1347707053.0000000000F7F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
F7F000
|
| Size: |
4096
|
|
|
1160000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1292786656.0000000001160000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1160000
|
| Size: |
53248
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1821162206.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
4CA0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000003.1307051007.0000000004CA0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4CA0000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1816695349.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1229254739.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
50B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1317902064.00000000050B0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
50B0000
|
| Size: |
4096
|
|
|
FC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1344784199.0000000000FC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
FC0000
|
| Size: |
4096
|
|
|
131F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1273132349.000000000131F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
131F000
|
| Size: |
4096
|
|
|
DA4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000003.1304317769.0000000000DA4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DA4000
|
| Size: |
4096
|
|
|
DA4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000003.1297694813.0000000000DA4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DA4000
|
| Size: |
4096
|
|
|
318F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1312182750.000000000318F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
318F000
|
| Size: |
4096
|
|
|
43FD000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2463825189.00000000043FD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
43FD000
|
| Size: |
12288
|
|
|
4F4B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1317838447.0000000004F4B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4F4B000
|
| Size: |
20480
|
|
|
28DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1347799065.00000000028DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
28DE000
|
| Size: |
8192
|
|
|
4DC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1837657248.0000000004DC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DC1000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1228409158.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1271372363.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
F5D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1344742609.0000000000F5D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
F5D000
|
| Size: |
12288
|
|
|
65CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1318131377.00000000065CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
65CF000
|
| Size: |
4096
|
|
|
50F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1317963908.00000000050F0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
50F0000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1820898991.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
1282000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1311738630.0000000001282000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1282000
|
| Size: |
57344
|
|
|
148F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1345040676.000000000148F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
148F000
|
| Size: |
4096
|
|
|
32CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1312225409.00000000032CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
32CF000
|
| Size: |
4096
|
|
|
5080000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000003.1224334302.0000000005080000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5080000
|
| Size: |
4096
|
|
|
4DC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1837940100.0000000004DC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DC1000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1820463777.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
12D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1277597724.00000000012D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12D4000
|
| Size: |
61440
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1229946142.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1228903397.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
5070000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000003.1224559019.0000000005070000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5070000
|
| Size: |
4096
|
|
|
DA4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000003.1304872089.0000000000DA4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DA4000
|
| Size: |
4096
|
|
|
2FA0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1814830605.0000000002FA0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2FA0000
|
| Size: |
53248
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1268181713.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1836465925.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
4691000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000003.1297608341.0000000004691000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4691000
|
| Size: |
49152
|
|
|
5090000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1317868856.0000000005090000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5090000
|
| Size: |
4096
|
|
|
11F0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1219170235.00000000011F0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
11F0000
|
| Size: |
53248
|
|
|
3DD000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2460448321.00000000003DD000.00000040.00000001.01000000.00000009.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
3DD000
|
| Size: |
45056
|
|
|
327E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2462610960.000000000327E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
327E000
|
| Size: |
8192
|
|
|
4680000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000003.1299561997.0000000004680000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4680000
|
| Size: |
53248
|
|
|
9D8000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1310511631.00000000009D8000.00000040.00000001.01000000.00000006.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
9D8000
|
| Size: |
122880
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1268976874.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1227897627.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1821025999.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
2F4E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1312126498.0000000002F4E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2F4E000
|
| Size: |
8192
|
|
|
53A0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000003.1818457072.00000000053A0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53A0000
|
| Size: |
4096
|
|
|
38EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1348510408.00000000038EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
38EE000
|
| Size: |
8192
|
|
|
53C0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000003.1818425214.00000000053C0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53C0000
|
| Size: |
4096
|
|
|
55DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2465243033.00000000055DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
55DE000
|
| Size: |
8192
|
|
|
458E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1346631265.000000000458E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
458E000
|
| Size: |
8192
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1272454239.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
48BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2464149063.00000000048BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
48BF000
|
| Size: |
4096
|
|
|
2FA0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1812967730.0000000002FA0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2FA0000
|
| Size: |
53248
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1820916244.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
4DC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1820200097.0000000004DC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DC1000
|
| Size: |
49152
|
|
|
12F000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2460448321.000000000012F000.00000040.00000001.01000000.00000009.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
12F000
|
| Size: |
1638400
|
|
|
4D30000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.1349420971.0000000004D30000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D30000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1230014256.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
1330000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2461933461.0000000001330000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1330000
|
| Size: |
4096
|
|
|
3BCE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1313098021.0000000003BCE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3BCE000
|
| Size: |
8192
|
|
|
4A71000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1302941151.0000000004A71000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A71000
|
| Size: |
4096
|
|
|
130F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1271806918.000000000130F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
130F000
|
| Size: |
45056
|
|
|
3EF0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1348718819.0000000003EF0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3EF0000
|
| Size: |
4096
|
|
|
427F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2463703161.000000000427F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
427F000
|
| Size: |
4096
|
|
|
12D000
|
unkown
|
page write copy
|
|
|
|
| Name: |
0000000B.00000000.1806109096.000000000012D000.00000008.00000001.01000000.00000009.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
12D000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1265770925.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
11F0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1221059523.00000000011F0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
11F0000
|
| Size: |
53248
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1269893886.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1821139181.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
11F0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1217218284.00000000011F0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
11F0000
|
| Size: |
53248
|
|
|
3C8F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1345892125.0000000003C8F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3C8F000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1836440392.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1820484985.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
12A9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1277597724.00000000012A9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12A9000
|
| Size: |
143360
|
|
|
141B000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2462059724.000000000141B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
141B000
|
| Size: |
225280
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1816521885.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1229202362.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1269455125.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
2FA0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1811314524.0000000002FA0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2FA0000
|
| Size: |
53248
|
|
|
6C0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1318365046.0000000006C0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6C0E000
|
| Size: |
8192
|
|
|
5130000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1347225176.0000000005130000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5130000
|
| Size: |
4096
|
|
|
63C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1276809141.00000000063C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
63C0000
|
| Size: |
8192
|
|
|
366E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1348424809.000000000366E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
366E000
|
| Size: |
8192
|
|
|
50D0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1317933665.00000000050D0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
50D0000
|
| Size: |
4096
|
|
|
34EF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1348366059.00000000034EF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
34EF000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1269050938.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
2D47000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1345203220.0000000002D47000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2D47000
|
| Size: |
8192
|
|
|
63BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1318112457.00000000063BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
63BE000
|
| Size: |
8192
|
|
|
1160000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1291750728.0000000001160000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1160000
|
| Size: |
53248
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1810830507.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
4096
|
|
|
4A91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1229158803.0000000004A91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A91000
|
| Size: |
4096
|
|
|
5080000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000003.1223904066.0000000005080000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5080000
|
| Size: |
8192
|
|
|
480E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1346774790.000000000480E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
480E000
|
| Size: |
8192
|
|
|
3A8E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1312918243.0000000003A8E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3A8E000
|
| Size: |
8192
|
|
|
484E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1317703539.000000000484E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
484E000
|
| Size: |
8192
|
|
|
4DC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1816478265.0000000004DC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DC1000
|
| Size: |
204800
|
|
