|
3031000
|
heap
|
page read and write
|
 |
|
|
| Name: |
00000004.00000002.1345355156.0000000003031000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3031000
|
| Size: |
4096
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Remcos RAT |
AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality |
|
|
|
4D5F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1345694800.0000000004D5F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4D5F000
|
| Size: |
4096
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Remcos RAT |
AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality |
|
|
|
3224000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3643257194.0000000003224000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3224000
|
| Size: |
180224
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Remcos RAT |
AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality |
|
| May try to detect the Windows Explorer process (often used for injection) |
HIPS / PFW / Operating System Protection Evasion |
|
| URLs found in memory or binary data |
Networking |
|
|
|
400000
|
system
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.1344756034.0000000000400000.00000040.80000000.00040000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
system
|
| Protect: |
page execute and read and write
|
| Base address: |
400000
|
| Size: |
458752
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara detected Remcos RAT |
AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara signature match |
System Summary |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3200000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3643159219.0000000003200000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3200000
|
| Size: |
69632
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Found malware configuration |
AV Detection |
|
| Yara detected Remcos RAT |
AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality |
|
|
|
3EE0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1354799938.0000000003EE0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3EE0000
|
| Size: |
483328
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara detected Remcos RAT |
AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara signature match |
System Summary |
|
| URLs found in memory or binary data |
Networking |
|
|
|
400000
|
system
|
page execute and read and write
|
|
|
|
| Name: |
00000014.00000002.3642377715.0000000000400000.00000040.80000000.00040000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
system
|
| Protect: |
page execute and read and write
|
| Base address: |
400000
|
| Size: |
458752
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara detected Remcos RAT |
AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara signature match |
System Summary |
|
| URLs found in memory or binary data |
Networking |
|
|
|
4F5F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3644897898.0000000004F5F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4F5F000
|
| Size: |
4096
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Remcos RAT |
AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality |
|
|
|
3012000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1345319637.0000000003012000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3012000
|
| Size: |
102400
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Remcos RAT |
AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality |
|
| May try to detect the Windows Explorer process (often used for injection) |
HIPS / PFW / Operating System Protection Evasion |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
3B10000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1227866323.0000000003B10000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3B10000
|
| Size: |
483328
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara detected Remcos RAT |
AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara signature match |
System Summary |
|
| Public key (encryption) found |
Cryptography |
|
| URLs found in memory or binary data |
Networking |
|
|
|
E30000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.1368983567.0000000000E30000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
E30000
|
| Size: |
483328
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara detected Remcos RAT |
AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara signature match |
System Summary |
|
| URLs found in memory or binary data |
Networking |
|
|
|
300E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1345237084.000000000300E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
300E000
|
| Size: |
12288
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Remcos RAT |
AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality |
|
|
|
4FEE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000001C.00000002.3583384922.0000000004FEE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
28
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4FEE000
|
| Size: |
8192
|
|
|
6401000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3602943882.0000000006401000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6401000
|
| Size: |
966656
|
|
|
5A2F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3645404268.0000000005A2F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5A2F000
|
| Size: |
4096
|
|
|
97E000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1207328992.000000000097E000.00000004.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
97E000
|
| Size: |
36864
|
|
|
328F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3576877254.000000000328F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328F000
|
| Size: |
16384
|
|
|
326B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3568975388.000000000326B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326B000
|
| Size: |
32768
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
874000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000010.00000000.1334464548.0000000000874000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
874000
|
| Size: |
40960
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary is likely a compiled AutoIt script file |
System Summary |
|
|
|
38CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000019.00000002.3601878673.00000000038CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
38CF000
|
| Size: |
4096
|
|
|
326B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3643257194.000000000326B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
326B000
|
| Size: |
45056
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
7E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1207051953.00000000007E0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7E0000
|
| Size: |
4096
|
|
|
531F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3645056863.000000000531F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
531F000
|
| Size: |
4096
|
|
|
3553000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3595099036.0000000003553000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3553000
|
| Size: |
557056
|
|
|
328F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3579651250.000000000328F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328F000
|
| Size: |
16384
|
|
|
1731000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1339714096.0000000001731000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1731000
|
| Size: |
507904
|
|
|
3D30000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1224478199.0000000003D30000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3D30000
|
| Size: |
1196032
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
3424000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000002.3601632526.0000000003424000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3424000
|
| Size: |
57344
|
|
|
987000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1192525037.0000000000987000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
987000
|
| Size: |
495616
|
|
|
509F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3644958285.000000000509F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
509F000
|
| Size: |
4096
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010912784.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
1162000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1192930295.0000000001162000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1162000
|
| Size: |
655360
|
|
|
1246000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1214644564.0000000001246000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1246000
|
| Size: |
118784
|
|
|
2EB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3642822668.0000000002EB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2EB0000
|
| Size: |
8192
|
|
|
F31000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1354375499.0000000000F31000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F31000
|
| Size: |
90112
|
|
|
147E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1354077447.000000000147E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
147E000
|
| Size: |
8192
|
|
|
FC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1357077280.0000000000FC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
FC1000
|
| Size: |
446464
|
|
|
328F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3575709180.000000000328F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328F000
|
| Size: |
16384
|
|
|
1700000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1336631010.0000000001700000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1700000
|
| Size: |
708608
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2012354817.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
974000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000002.1207247745.0000000000974000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
974000
|
| Size: |
40960
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary is likely a compiled AutoIt script file |
System Summary |
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010565638.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
225E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1354687702.000000000225E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
225E000
|
| Size: |
8192
|
|
|
3150000
|
heap
|
page readonly
|
|
|
|
| Name: |
00000019.00000002.3601442248.0000000003150000.00000002.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page readonly
|
| Base address: |
3150000
|
| Size: |
4096
|
|
|
44F000
|
system
|
page execute and read and write
|
|
|
|
| Name: |
0000001A.00000002.3581670673.000000000044F000.00000040.80000000.00040000.00000000.sdmp
|
| TargetID: |
26
|
| Dumpstage: |
process exit
|
| Regiontype: |
system
|
| Protect: |
page execute and read and write
|
| Base address: |
44F000
|
| Size: |
8192
|
|
|
172B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1345445956.000000000172B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
172B000
|
| Size: |
4096
|
|
|
1201000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1196621567.0000000001201000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1201000
|
| Size: |
1073152
|
|
|
882000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000003.00000000.1205942091.0000000000882000.00000008.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
882000
|
| Size: |
8192
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009619505.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
12288
|
|
|
3AEE000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1367797480.0000000003AEE000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3AEE000
|
| Size: |
24576
|
|
|
EF8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.1369057760.0000000000EF8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
EF8000
|
| Size: |
180224
|
|
|
3200000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000002.3601525918.0000000003200000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3200000
|
| Size: |
4096
|
|
|
1120000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1207746540.0000000001120000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1120000
|
| Size: |
20480
|
|
|
982000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000000.00000000.1192495835.0000000000982000.00000008.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
982000
|
| Size: |
8192
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011440077.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
2EBC000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000001C.00000002.3582734472.0000000002EBC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
28
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2EBC000
|
| Size: |
16384
|
|
|
33E4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.1369559027.00000000033E4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
33E4000
|
| Size: |
8192
|
|
|
327A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3644571738.000000000327A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
327A000
|
| Size: |
61440
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
82E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000001A.00000002.3582379395.000000000082E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
26
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
82E000
|
| Size: |
8192
|
|
|
429E000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1347601468.000000000429E000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
429E000
|
| Size: |
24576
|
|
|
87E000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1353792559.000000000087E000.00000004.00000001.01000000.00000007.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
87E000
|
| Size: |
36864
|
|
|
50A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3596232164.00000000050A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
50A0000
|
| Size: |
4096
|
|
|
4083000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1347045498.0000000004083000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4083000
|
| Size: |
507904
|
|
|
87E000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.1368539294.000000000087E000.00000004.00000001.01000000.00000007.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
87E000
|
| Size: |
36864
|
|
|
21EDDBF0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.1336816317.0000021EDDBF0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
21EDDBF0000
|
| Size: |
28672
|
|
|
676F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3580091053.000000000676F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
676F000
|
| Size: |
450560
|
|
|
2E12000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000001A.00000002.3582671315.0000000002E12000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
26
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E12000
|
| Size: |
57344
|
|
|
429E000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1346368121.000000000429E000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
429E000
|
| Size: |
24576
|
|
|
FC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.1369303523.0000000000FC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
FC1000
|
| Size: |
446464
|
|
|
38D0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1364312318.00000000038D0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
38D0000
|
| Size: |
1196032
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
7EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000001A.00000002.3582306170.00000000007EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
26
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
7EE000
|
| Size: |
8192
|
|
|
3576000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3598956800.0000000003576000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3576000
|
| Size: |
90112
|
|
|
3546000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3595953720.0000000003546000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3546000
|
| Size: |
24576
|
|
|
EF0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.1369057760.0000000000EF0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
EF0000
|
| Size: |
24576
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2012082479.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
94F000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1192436365.000000000094F000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
94F000
|
| Size: |
147456
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2008335640.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
6700000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3645699954.0000000006700000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6700000
|
| Size: |
4096
|
|
|
987000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000002.1207371274.0000000000987000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
987000
|
| Size: |
495616
|
|
|
35B5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3594747777.00000000035B5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
35B5000
|
| Size: |
278528
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009951637.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
4F9C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3644930713.0000000004F9C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4F9C000
|
| Size: |
16384
|
|
|
2F00000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000001A.00000002.3582855254.0000000002F00000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
26
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2F00000
|
| Size: |
12288
|
|
|
50DC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3644982876.00000000050DC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
50DC000
|
| Size: |
16384
|
|
|
4D9B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1345734046.0000000004D9B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4D9B000
|
| Size: |
20480
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009386651.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009039302.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3562876402.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
20480
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2012128293.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
DE0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.1368917691.0000000000DE0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DE0000
|
| Size: |
4096
|
|
|
6CC24FA000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.1335598947.0000006CC24FA000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6CC24FA000
|
| Size: |
24576
|
|
|
1654000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1354182035.0000000001654000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1654000
|
| Size: |
8192
|
|
|
2C3C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1344988578.0000000002C3C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2C3C000
|
| Size: |
16384
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2008597218.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
37B0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1367488153.00000000037B0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
37B0000
|
| Size: |
1187840
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2008231902.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
12288
|
|
|
1E5E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1354665591.0000000001E5E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1E5E000
|
| Size: |
8192
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011596627.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
16FA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1345650804.00000000016FA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16FA000
|
| Size: |
4096
|
|
|
3202000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000002.3601525918.0000000003202000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3202000
|
| Size: |
20480
|
|
|
50A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3596299047.00000000050A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
50A0000
|
| Size: |
4096
|
|
|
11A6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1202467138.00000000011A6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11A6000
|
| Size: |
118784
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010376338.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
31FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000001A.00000002.3583030996.00000000031FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
26
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
31FF000
|
| Size: |
4096
|
|
|
887000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000010.00000000.1334580832.0000000000887000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
887000
|
| Size: |
495616
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2012010193.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
84F000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000010.00000002.1353694412.000000000084F000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
84F000
|
| Size: |
147456
|
|
|
30F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000002.3601370052.00000000030F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
30F0000
|
| Size: |
4096
|
|
|
475000
|
system
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.1344756034.0000000000475000.00000040.80000000.00040000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
system
|
| Protect: |
page execute and read and write
|
| Base address: |
475000
|
| Size: |
40960
|
|
|
87E000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000003.00000000.1205942091.000000000087E000.00000008.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
87E000
|
| Size: |
8192
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010199254.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
328F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3578311612.000000000328F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328F000
|
| Size: |
16384
|
|
|
6CC000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000001A.00000002.3581774217.00000000006CC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
26
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6CC000
|
| Size: |
16384
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011016876.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
3575000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3594622421.0000000003575000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3575000
|
| Size: |
135168
|
|
|
3213000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3582375014.0000000003213000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3213000
|
| Size: |
192512
|
|
|
50A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3596254705.00000000050A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
50A0000
|
| Size: |
4096
|
|
|
37B0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1365944821.00000000037B0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
37B0000
|
| Size: |
1187840
|
|
|
21EDDC27000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.1336816317.0000021EDDC27000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
21EDDC27000
|
| Size: |
167936
|
|
|
882000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000013.00000000.1350740773.0000000000882000.00000008.00000001.01000000.00000007.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
882000
|
| Size: |
8192
|
|
|
5D2E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3645537088.0000000005D2E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5D2E000
|
| Size: |
8192
|
|
|
C39000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1227045343.0000000000C39000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C39000
|
| Size: |
28672
|
|
|
328F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3577998206.000000000328F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328F000
|
| Size: |
16384
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011237451.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
5900000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000002.3601980694.0000000005900000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5900000
|
| Size: |
4096
|
|
|
16A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1338840644.00000000016A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16A0000
|
| Size: |
172032
|
|
|
11D8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1227220818.00000000011D8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11D8000
|
| Size: |
180224
|
|
|
5001000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000001C.00000002.3583410757.0000000005001000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
28
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5001000
|
| Size: |
8192
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009578907.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
126A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1216161340.000000000126A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
126A000
|
| Size: |
8192
|
|
|
6434000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3575661862.0000000006434000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6434000
|
| Size: |
69632
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010300419.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010494091.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
1228000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1216161340.0000000001228000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1228000
|
| Size: |
65536
|
|
|
F48000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1357292983.0000000000F48000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F48000
|
| Size: |
65536
|
|
|
D3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.1368882169.0000000000D3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
D3E000
|
| Size: |
8192
|
|
|
F8C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1357077280.0000000000F8C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F8C000
|
| Size: |
196608
|
|
|
4F70000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000001C.00000002.3583315678.0000000004F70000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
28
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4F70000
|
| Size: |
4096
|
|
|
3553000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3582772253.0000000003553000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3553000
|
| Size: |
73728
|
|
|
3249000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3568975388.0000000003249000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3249000
|
| Size: |
28672
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010266047.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
2EFA000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000001C.00000002.3582774502.0000000002EFA000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
28
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2EFA000
|
| Size: |
24576
|
|
|
17C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1345311642.00000000017C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17C4000
|
| Size: |
446464
|
|
|
4C5E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1345661619.0000000004C5E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4C5E000
|
| Size: |
8192
|
|
|
3553000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3595254669.0000000003553000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3553000
|
| Size: |
663552
|
|
|
50A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3582491767.00000000050A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
50A0000
|
| Size: |
139264
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2012304774.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
120B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1227220818.000000000120B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
120B000
|
| Size: |
20480
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011993303.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
1693000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1336714930.0000000001693000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1693000
|
| Size: |
446464
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010641282.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
2F50000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000001C.00000002.3582835935.0000000002F50000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
28
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2F50000
|
| Size: |
4096
|
|
|
45D000
|
system
|
page execute and read and write
|
|
|
|
| Name: |
00000019.00000002.3600995325.000000000045D000.00000040.80000000.00040000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
process exit
|
| Regiontype: |
system
|
| Protect: |
page execute and read and write
|
| Base address: |
45D000
|
| Size: |
4096
|
|
|
2930000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000001A.00000002.3582538789.0000000002930000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
26
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2930000
|
| Size: |
4096
|
|
|
3585000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3594653796.0000000003585000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3585000
|
| Size: |
176128
|
|
|
3730000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1365247123.0000000003730000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3730000
|
| Size: |
1187840
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009445895.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
6423000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3575661862.0000000006423000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6423000
|
| Size: |
61440
|
|
|
7C1000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000003.00000002.1226854714.00000000007C1000.00000020.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
7C1000
|
| Size: |
581632
|
|
|
38D3000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1367488153.00000000038D3000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
38D3000
|
| Size: |
507904
|
|
|
8C0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1192325516.00000000008C0000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
8C0000
|
| Size: |
4096
|
|
|
347E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1345631087.000000000347E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
347E000
|
| Size: |
8192
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3563473391.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011955529.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010587394.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
11CB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1195934730.00000000011CB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11CB000
|
| Size: |
4096
|
|
|
358C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3597370397.000000000358C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
358C000
|
| Size: |
98304
|
|
|
126B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1222904182.000000000126B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
126B000
|
| Size: |
4096
|
|
|
126C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1213818204.000000000126C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
126C000
|
| Size: |
200704
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3643110138.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
4229000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1347601468.0000000004229000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4229000
|
| Size: |
4096
|
|
|
501E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1345976710.000000000501E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
501E000
|
| Size: |
8192
|
|
|
11CA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1202467138.00000000011CA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11CA000
|
| Size: |
4096
|
|
|
21EDDF0E000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.1337062705.0000021EDDF0E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
21EDDF0E000
|
| Size: |
4096
|
|
|
3110000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000002.3601398634.0000000003110000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3110000
|
| Size: |
4096
|
|
|
3670000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1209555530.0000000003670000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3670000
|
| Size: |
483328
|
|
|
2EE0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3642879824.0000000002EE0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2EE0000
|
| Size: |
4096
|
|
|
8C1000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000000.00000000.1192349969.00000000008C1000.00000020.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
8C1000
|
| Size: |
581632
|
|
|
887000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000013.00000000.1352349264.0000000000887000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
887000
|
| Size: |
495616
|
|
|
3714000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1209713685.0000000003714000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3714000
|
| Size: |
8192
|
|
|
11B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1227204481.00000000011B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11B0000
|
| Size: |
4096
|
|
|
12A1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1213818204.00000000012A1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12A1000
|
| Size: |
1040384
|
|
|
3D33000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1225451786.0000000003D33000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3D33000
|
| Size: |
507904
|
|
|
192E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1209244240.000000000192E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
192E000
|
| Size: |
8192
|
|
|
319E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000019.00000002.3601464414.000000000319E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
319E000
|
| Size: |
8192
|
|
|
2FDE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000001C.00000002.3582950274.0000000002FDE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
28
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2FDE000
|
| Size: |
8192
|
|
|
400000
|
system
|
page execute and read and write
|
|
|
|
| Name: |
0000001C.00000002.3582642357.0000000000400000.00000040.80000000.00040000.00000000.sdmp
|
| TargetID: |
28
|
| Dumpstage: |
process exit
|
| Regiontype: |
system
|
| Protect: |
page execute and read and write
|
| Base address: |
400000
|
| Size: |
106496
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Found strings which match to known social media urls |
Networking |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009501697.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
325D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3643257194.000000000325D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
325D000
|
| Size: |
53248
|
|
|
15CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1354146048.00000000015CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
15CE000
|
| Size: |
8192
|
|
|
6801000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3602704875.0000000006801000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6801000
|
| Size: |
188416
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011214844.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
3518000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000001C.00000003.3582517645.0000000003518000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
28
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3518000
|
| Size: |
12288
|
|
|
126A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1214644564.000000000126A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
126A000
|
| Size: |
8192
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009290167.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010762759.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
473000
|
system
|
page execute and read and write
|
|
|
|
| Name: |
00000019.00000002.3600995325.0000000000473000.00000040.80000000.00040000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
process exit
|
| Regiontype: |
system
|
| Protect: |
page execute and read and write
|
| Base address: |
473000
|
| Size: |
20480
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2008536523.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2008578677.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2008497286.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3102000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3563704172.0000000003102000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3102000
|
| Size: |
20480
|
|
|
352E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3600675389.000000000352E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
352E000
|
| Size: |
20480
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| SQL strings found in memory and binary data |
System Summary |
|
|
|
37CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000019.00000002.3601845880.00000000037CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
37CE000
|
| Size: |
8192
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2008620233.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010999610.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010318156.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010624770.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
521D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3645030022.000000000521D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
521D000
|
| Size: |
12288
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2008913899.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
1217000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.1227314097.0000000001217000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
1217000
|
| Size: |
4096
|
|
|
16FA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1338840644.00000000016FA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16FA000
|
| Size: |
8192
|
|
|
F38000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1354453780.0000000000F38000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F38000
|
| Size: |
90112
|
|
|
328F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3578206336.000000000328F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328F000
|
| Size: |
16384
|
|
|
33E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.1369559027.00000000033E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
33E0000
|
| Size: |
8192
|
|
|
12A1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1227360850.00000000012A1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12A1000
|
| Size: |
593920
|
|
|
F8B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1356356929.0000000000F8B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F8B000
|
| Size: |
8192
|
|
|
7C1000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000010.00000000.1334384431.00000000007C1000.00000020.00000001.01000000.00000007.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
7C1000
|
| Size: |
581632
|
|
|
1164000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1193126194.0000000001164000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1164000
|
| Size: |
446464
|
|
|
328F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3574512424.000000000328F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328F000
|
| Size: |
16384
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011360374.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
21EDDBA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.1336748428.0000021EDDBA0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
21EDDBA0000
|
| Size: |
4096
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3563130808.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
20480
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011295960.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
12288
|
|
|
1751000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1336545433.0000000001751000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1751000
|
| Size: |
4096
|
|
|
3AEE000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1366160821.0000000003AEE000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3AEE000
|
| Size: |
24576
|
|
|
94F000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000002.1207247745.000000000094F000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
94F000
|
| Size: |
147456
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010144881.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
4229000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1346368121.0000000004229000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4229000
|
| Size: |
4096
|
|
|
353D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3595696148.000000000353D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
353D000
|
| Size: |
16384
|
|
|
3213000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3582287558.0000000003213000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3213000
|
| Size: |
69632
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011255936.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
3ED9000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1225635998.0000000003ED9000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3ED9000
|
| Size: |
4096
|
|
|
301B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3563801522.000000000301B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
301B000
|
| Size: |
16384
|
|
|
7C1000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000013.00000002.1368368811.00000000007C1000.00000020.00000001.01000000.00000007.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
7C1000
|
| Size: |
581632
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010847255.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
CDB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.1368645925.0000000000CDB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
CDB000
|
| Size: |
20480
|
|
|
F24000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1354052673.0000000000F24000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F24000
|
| Size: |
442368
|
|
|
3DA000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.1368169798.00000000003DA000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3DA000
|
| Size: |
24576
|
|
|
1204000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1207679828.0000000001204000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1204000
|
| Size: |
446464
|
|
|
7C0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000010.00000002.1353604275.00000000007C0000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7C0000
|
| Size: |
4096
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011101259.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
21EDDC02000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.1336816317.0000021EDDC02000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
21EDDC02000
|
| Size: |
77824
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3563161774.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
84F000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000013.00000002.1368461830.000000000084F000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
84F000
|
| Size: |
147456
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010513309.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
51DF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3645007305.00000000051DF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
51DF000
|
| Size: |
4096
|
|
|
139E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1227533010.000000000139E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
139E000
|
| Size: |
4096
|
|
|
3512000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000002.3601777749.0000000003512000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3512000
|
| Size: |
4096
|
|
|
354D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3596531943.000000000354D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
354D000
|
| Size: |
12288
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2008827155.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2008803419.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
126A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1211441143.000000000126A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
126A000
|
| Size: |
12288
|
|
|
16FA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1339776412.00000000016FA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16FA000
|
| Size: |
8192
|
|
|
359A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3594686069.000000000359A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
359A000
|
| Size: |
106496
|
|
|
3950000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1366160821.0000000003950000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3950000
|
| Size: |
1196032
|
|
|
FBB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1363146229.0000000000FBB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
FBB000
|
| Size: |
4096
|
|
|
3532000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3597661230.0000000003532000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3532000
|
| Size: |
61440
|
|
|
11CA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1195813374.00000000011CA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11CA000
|
| Size: |
8192
|
|
|
1170000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1208399606.0000000001170000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
1170000
|
| Size: |
20480
|
|
|
11CA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1196556105.00000000011CA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11CA000
|
| Size: |
4096
|
|
|
3CB3000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1223492336.0000000003CB3000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3CB3000
|
| Size: |
507904
|
|
|
122D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1208657324.000000000122D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
122D000
|
| Size: |
221184
|
|
|
3544000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3596611917.0000000003544000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3544000
|
| Size: |
8192
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Found strings which match to known social media urls |
Networking |
|
|
|
F66000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1363457783.0000000000F66000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F66000
|
| Size: |
118784
|
|
|
3532000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3598420458.0000000003532000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3532000
|
| Size: |
69632
|
|
|
21EDDBF8000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.1336816317.0000021EDDBF8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
21EDDBF8000
|
| Size: |
36864
|
|
|
3F60000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1345960387.0000000003F60000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3F60000
|
| Size: |
1187840
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011519730.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
5762000
|
unclassified section
|
page execute and read and write
|
|
|
|
| Name: |
00000014.00000002.3645226236.0000000005762000.00000040.10000000.00040000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unclassified section
|
| Protect: |
page execute and read and write
|
| Base address: |
5762000
|
| Size: |
20480
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010426958.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
328F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3577833862.000000000328F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328F000
|
| Size: |
16384
|
|
|
307C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000019.00000002.3601203393.000000000307C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
307C000
|
| Size: |
16384
|
|
|
F66000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1356356929.0000000000F66000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F66000
|
| Size: |
118784
|
|
|
16A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1337050296.00000000016A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16A0000
|
| Size: |
90112
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009523019.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3102000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3565365487.0000000003102000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3102000
|
| Size: |
16384
|
|
|
358B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3595006112.000000000358B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
358B000
|
| Size: |
245760
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009865972.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
740000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000001A.00000002.3582138865.0000000000740000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
26
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
740000
|
| Size: |
4096
|
|
|
1332000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1222856977.0000000001332000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1332000
|
| Size: |
446464
|
|
|
3553000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3596425356.0000000003553000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3553000
|
| Size: |
4096
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011650458.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
4096
|
|
|
3562000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3598928923.0000000003562000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3562000
|
| Size: |
4096
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010662503.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
39FD000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1364312318.00000000039FD000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
39FD000
|
| Size: |
458752
|
|
|
37C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1227794116.00000000037C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
37C0000
|
| Size: |
8192
|
|
|
10F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1207720091.00000000010F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10F0000
|
| Size: |
4096
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010930330.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
6600000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3603012579.0000000006600000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6600000
|
| Size: |
450560
|
|
|
3251000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3568975388.0000000003251000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3251000
|
| Size: |
4096
|
|
|
6CC26FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.1335988202.0000006CC26FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6CC26FE000
|
| Size: |
8192
|
|
|
1218000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1208758303.0000000001218000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1218000
|
| Size: |
86016
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009264877.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
6401000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3578050086.0000000006401000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6401000
|
| Size: |
245760
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010479771.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
171B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1339756297.000000000171B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
171B000
|
| Size: |
69632
|
|
|
100F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1227067869.000000000100F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
100F000
|
| Size: |
4096
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2012146063.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009736178.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
874000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000013.00000000.1349312500.0000000000874000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
874000
|
| Size: |
40960
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary is likely a compiled AutoIt script file |
System Summary |
|
|
|
16C7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1339665832.00000000016C7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16C7000
|
| Size: |
12288
|
|
|
3553000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3594816021.0000000003553000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3553000
|
| Size: |
352256
|
|
|
328A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3644615880.000000000328A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328A000
|
| Size: |
16384
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
4100000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1347601468.0000000004100000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4100000
|
| Size: |
1196032
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
3535000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3595779082.0000000003535000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3535000
|
| Size: |
8192
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010870894.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
5B6E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3645456308.0000000005B6E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5B6E000
|
| Size: |
8192
|
|
|
974000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1192436365.0000000000974000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
974000
|
| Size: |
40960
|
|
|
1130000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1207810333.0000000001130000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1130000
|
| Size: |
24576
|
|
|
3553000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3597016050.0000000003553000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3553000
|
| Size: |
4096
|
|
|
13DB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1353921410.00000000013DB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
13DB000
|
| Size: |
20480
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2012280790.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009348025.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
16EF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.1369506529.00000000016EF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
16EF000
|
| Size: |
4096
|
|
|
3563000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3598887194.0000000003563000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3563000
|
| Size: |
167936
|
|
|
3D30000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1223618167.0000000003D30000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3D30000
|
| Size: |
1196032
|
|
|
FAB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1357269207.0000000000FAB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
FAB000
|
| Size: |
69632
|
|
|
3D33000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1224712246.0000000003D33000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3D33000
|
| Size: |
507904
|
|
|
38D3000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1366662741.00000000038D3000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
38D3000
|
| Size: |
507904
|
|
|
3ECE000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1224478199.0000000003ECE000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3ECE000
|
| Size: |
24576
|
|
|
3532000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3596580820.0000000003532000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3532000
|
| Size: |
45056
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2008397583.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2008169058.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
102F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.1369418450.000000000102F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
102F000
|
| Size: |
147456
|
|
|
452000
|
system
|
page execute and read and write
|
|
|
|
| Name: |
0000001A.00000002.3581670673.0000000000452000.00000040.80000000.00040000.00000000.sdmp
|
| TargetID: |
26
|
| Dumpstage: |
process exit
|
| Regiontype: |
system
|
| Protect: |
page execute and read and write
|
| Base address: |
452000
|
| Size: |
20480
|
|
|
CCE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.1368645925.0000000000CCE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
CCE000
|
| Size: |
8192
|
|
|
760000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000001A.00000002.3582182857.0000000000760000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
26
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
760000
|
| Size: |
4096
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2008762210.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
3AEE000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1367011178.0000000003AEE000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3AEE000
|
| Size: |
24576
|
|
|
169A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1354230304.000000000169A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
169A000
|
| Size: |
20480
|
|
|
328F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3577067033.000000000328F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328F000
|
| Size: |
16384
|
|
|
3ED9000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1224906331.0000000003ED9000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3ED9000
|
| Size: |
4096
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009216542.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
3544000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3598420458.0000000003544000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3544000
|
| Size: |
40960
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Found strings which match to known social media urls |
Networking |
|
|
|
6701000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3602885718.0000000006701000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6701000
|
| Size: |
450560
|
|
|
7C0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000013.00000002.1368333773.00000000007C0000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7C0000
|
| Size: |
4096
|
|
|
3710000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1209713685.0000000003710000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3710000
|
| Size: |
8192
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010166295.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3F60000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1347045498.0000000003F60000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3F60000
|
| Size: |
1187840
|
|
|
F66000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1357162977.0000000000F66000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F66000
|
| Size: |
118784
|
|
|
1211000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1208591749.0000000001211000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1211000
|
| Size: |
86016
|
|
|
357E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3594856016.000000000357E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
357E000
|
| Size: |
385024
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011919604.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
4096
|
|
|
1650000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1354182035.0000000001650000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1650000
|
| Size: |
8192
|
|
|
103D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1207631863.000000000103D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
103D000
|
| Size: |
12288
|
|
|
21EDDC16000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.1336816317.0000021EDDC16000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
21EDDC16000
|
| Size: |
65536
|
|
|
3553000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3594936061.0000000003553000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3553000
|
| Size: |
458752
|
|
|
7C0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000003.00000000.1205595163.00000000007C0000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7C0000
|
| Size: |
4096
|
|
|
353D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3595779082.000000000353D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
353D000
|
| Size: |
24576
|
|
|
3950000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1367797480.0000000003950000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3950000
|
| Size: |
1196032
|
|
|
16FB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1345445956.00000000016FB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16FB000
|
| Size: |
4096
|
|
|
3500000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000002.3601692158.0000000003500000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3500000
|
| Size: |
20480
|
|
|
6CC2CFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.1336636535.0000006CC2CFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6CC2CFE000
|
| Size: |
8192
|
|
|
3F4E000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1226576572.0000000003F4E000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3F4E000
|
| Size: |
24576
|
|
|
3544000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3600749892.0000000003544000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3544000
|
| Size: |
8192
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Found strings which match to known social media urls |
Networking |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3552848695.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
F90000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1353980950.0000000000F90000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F90000
|
| Size: |
647168
|
|
|
3545000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3595696148.0000000003545000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3545000
|
| Size: |
28672
|
|
|
6010000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3582106325.0000000006010000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6010000
|
| Size: |
974848
|
|
|
3532000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3582851382.0000000003532000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3532000
|
| Size: |
90112
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2012263533.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2012235763.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
16D5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1338895827.00000000016D5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16D5000
|
| Size: |
118784
|
|
|
2E31000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000001A.00000002.3582794581.0000000002E31000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
26
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E31000
|
| Size: |
4096
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2008844016.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
3E59000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1223618167.0000000003E59000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3E59000
|
| Size: |
4096
|
|
|
3213000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3596731247.0000000003213000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3213000
|
| Size: |
188416
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011058715.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
2CF0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1345084271.0000000002CF0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2CF0000
|
| Size: |
4096
|
|
|
3561000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3599821353.0000000003561000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3561000
|
| Size: |
143360
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011729193.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009423556.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011817470.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
328F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3576653293.000000000328F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328F000
|
| Size: |
16384
|
|
|
DCA000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1353891965.0000000000DCA000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
DCA000
|
| Size: |
24576
|
|
|
5E2F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3645558114.0000000005E2F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5E2F000
|
| Size: |
4096
|
|
|
CBF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.1368645925.0000000000CBF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
CBF000
|
| Size: |
4096
|
|
|
367F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3644827795.000000000367F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
367F000
|
| Size: |
4096
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2012168684.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010977785.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
12288
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2008371434.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2008676829.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
12288
|
|
|
357E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3644792756.000000000357E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
357E000
|
| Size: |
8192
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010961089.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2008475182.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010232574.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
830000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000001A.00000002.3582444403.0000000000830000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
26
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
830000
|
| Size: |
4096
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011789675.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
595B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3595497238.000000000595B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
595B000
|
| Size: |
385024
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010213318.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
16B7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1339776412.00000000016B7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16B7000
|
| Size: |
65536
|
|
|
643E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3578050086.000000000643E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
643E000
|
| Size: |
245760
|
|
|
5F7B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3645602199.0000000005F7B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5F7B000
|
| Size: |
20480
|
|
|
50A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3596356138.00000000050A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
50A0000
|
| Size: |
4096
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009148708.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3576000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3598066926.0000000003576000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3576000
|
| Size: |
4096
|
|
|
2F30000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000001C.00000002.3582809191.0000000002F30000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
28
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2F30000
|
| Size: |
4096
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010789176.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3E59000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1224478199.0000000003E59000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3E59000
|
| Size: |
4096
|
|
|
790000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000001A.00000002.3582216179.0000000000790000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
26
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
790000
|
| Size: |
4096
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011129639.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3026000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011650458.0000000003026000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3026000
|
| Size: |
8192
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2012219010.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2012372489.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
84F000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000013.00000000.1349312500.000000000084F000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
84F000
|
| Size: |
147456
|
|
|
6401000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3575586350.0000000006401000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6401000
|
| Size: |
86016
|
|
|
11A6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1208605384.00000000011A6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11A6000
|
| Size: |
118784
|
|
|
3101000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1345396805.0000000003101000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3101000
|
| Size: |
12288
|
|
|
13FC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1353921410.00000000013FC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
13FC000
|
| Size: |
16384
|
|
|
3530000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3600709486.0000000003530000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3530000
|
| Size: |
12288
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| SQL strings found in memory and binary data |
System Summary |
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2008512607.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
3A6E000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1364826020.0000000003A6E000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3A6E000
|
| Size: |
24576
|
|
|
3ECE000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1224041019.0000000003ECE000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3ECE000
|
| Size: |
24576
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3563265084.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
2C7C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1345013731.0000000002C7C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2C7C000
|
| Size: |
16384
|
|
|
328F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3576985504.000000000328F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328F000
|
| Size: |
16384
|
|
|
6CC29FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.1336526265.0000006CC29FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6CC29FF000
|
| Size: |
4096
|
|
|
1053000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1362964611.0000000001053000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1053000
|
| Size: |
450560
|
|
|
12C1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1207493571.00000000012C1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12C1000
|
| Size: |
4096
|
|
|
1138000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1207810333.0000000001138000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1138000
|
| Size: |
180224
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2008660750.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
5090000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000002.3601926987.0000000005090000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5090000
|
| Size: |
4096
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2012058738.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
2E21000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000001A.00000002.3582671315.0000000002E21000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
26
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E21000
|
| Size: |
4096
|
|
|
328F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3578881695.000000000328F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328F000
|
| Size: |
16384
|
|
|
6863000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3602836412.0000000006863000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6863000
|
| Size: |
188416
|
|
|
1668000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1354230304.0000000001668000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1668000
|
| Size: |
176128
|
|
|
874000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000003.00000000.1205873476.0000000000874000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
874000
|
| Size: |
40960
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary is likely a compiled AutoIt script file |
System Summary |
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009370368.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3553000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3595554753.0000000003553000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3553000
|
| Size: |
401408
|
|
|
3507000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000002.3601692158.0000000003507000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3507000
|
| Size: |
4096
|
|
|
16FB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1338926440.00000000016FB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16FB000
|
| Size: |
4096
|
|
|
3585000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3599280798.0000000003585000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3585000
|
| Size: |
126976
|
|
|
1171000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1193422430.0000000001171000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1171000
|
| Size: |
86016
|
|
|
3853000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1363995503.0000000003853000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3853000
|
| Size: |
507904
|
|
|
38D0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1364826020.00000000038D0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
38D0000
|
| Size: |
1196032
|
|
|
1211000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1211441143.0000000001211000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1211000
|
| Size: |
172032
|
|
|
39FD000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1364826020.00000000039FD000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
39FD000
|
| Size: |
458752
|
|
|
2E02000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1345157703.0000000002E02000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E02000
|
| Size: |
24576
|
|
|
59D2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3595987589.00000000059D2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
59D2000
|
| Size: |
4096
|
|
|
3560000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3597086945.0000000003560000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3560000
|
| Size: |
73728
|
|
|
1201000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1208888372.0000000001201000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1201000
|
| Size: |
622592
|
|
|
3EDD000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1226576572.0000000003EDD000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3EDD000
|
| Size: |
458752
|
|
|
30AF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000019.00000002.3601238736.00000000030AF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
30AF000
|
| Size: |
12288
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011535514.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
328F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3578732372.000000000328F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328F000
|
| Size: |
16384
|
|
|
4EDC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1345831761.0000000004EDC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4EDC000
|
| Size: |
16384
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011634313.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
301B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3565303372.000000000301B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
301B000
|
| Size: |
16384
|
|
|
3253000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3643257194.0000000003253000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3253000
|
| Size: |
28672
|
|
|
358B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3597834629.000000000358B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
358B000
|
| Size: |
53248
|
|
|
1221000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1192999183.0000000001221000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1221000
|
| Size: |
4096
|
|
|
21EDDBB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.1336775214.0000021EDDBB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
21EDDBB0000
|
| Size: |
8192
|
|
|
1246000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1216161340.0000000001246000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1246000
|
| Size: |
118784
|
|
|
355A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3596425356.000000000355A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
355A000
|
| Size: |
8192
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2008744849.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3113000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3563418868.0000000003113000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3113000
|
| Size: |
16384
|
|
|
353A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3597724652.000000000353A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
353A000
|
| Size: |
86016
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Found strings which match to known social media urls |
Networking |
|
|
|
12A1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1216003311.00000000012A1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12A1000
|
| Size: |
1040384
|
|
|
2DD0000
|
heap
|
page readonly
|
|
|
|
| Name: |
00000004.00000002.1345107896.0000000002DD0000.00000002.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page readonly
|
| Base address: |
2DD0000
|
| Size: |
4096
|
|
|
3213000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3596653553.0000000003213000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3213000
|
| Size: |
69632
|
|
|
6CC2FFB000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.1336722406.0000006CC2FFB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6CC2FFB000
|
| Size: |
20480
|
|
|
1731000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1339592015.0000000001731000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1731000
|
| Size: |
507904
|
|
|
302C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3563670004.000000000302C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
302C000
|
| Size: |
20480
|
|
|
3532000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3598848688.0000000003532000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3532000
|
| Size: |
98304
|
|
|
3C10000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1226301585.0000000003C10000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3C10000
|
| Size: |
1187840
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
2300000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1354715228.0000000002300000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2300000
|
| Size: |
8192
|
|
|
87E000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1226988766.000000000087E000.00000004.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
87E000
|
| Size: |
36864
|
|
|
2FE0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000001C.00000002.3583003700.0000000002FE0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
28
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2FE0000
|
| Size: |
4096
|
|
|
3577000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3597206163.0000000003577000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3577000
|
| Size: |
180224
|
|
|
337E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1345602535.000000000337E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
337E000
|
| Size: |
8192
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009485661.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011377214.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
1830000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1354558891.0000000001830000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1830000
|
| Size: |
4096
|
|
|
459000
|
system
|
page execute and read and write
|
|
|
|
| Name: |
00000019.00000002.3600995325.0000000000459000.00000040.80000000.00040000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
process exit
|
| Regiontype: |
system
|
| Protect: |
page execute and read and write
|
| Base address: |
459000
|
| Size: |
8192
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010076543.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
12288
|
|
|
16D5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1338840644.00000000016D5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16D5000
|
| Size: |
118784
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010180451.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
12288
|
|
|
3A79000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1367797480.0000000003A79000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3A79000
|
| Size: |
4096
|
|
|
3730000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1364602072.0000000003730000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3730000
|
| Size: |
1187840
|
|
|
1060000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1227146186.0000000001060000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1060000
|
| Size: |
20480
|
|
|
3A7D000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1367011178.0000000003A7D000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3A7D000
|
| Size: |
458752
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009760715.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011319081.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
116B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1207810333.000000000116B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
116B000
|
| Size: |
20480
|
|
|
11CA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1208605384.00000000011CA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11CA000
|
| Size: |
4096
|
|
|
422D000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1346368121.000000000422D000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
422D000
|
| Size: |
458752
|
|
|
2F0C000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000001A.00000003.3581468009.0000000002F0C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
26
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2F0C000
|
| Size: |
4096
|
|
|
6800000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3645721485.0000000006800000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6800000
|
| Size: |
4096
|
|
|
2E3C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3642680506.0000000002E3C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2E3C000
|
| Size: |
16384
|
|
|
11CA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1195890656.00000000011CA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11CA000
|
| Size: |
8192
|
|
|
11EA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1196716608.00000000011EA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11EA000
|
| Size: |
73728
|
|
|
6CC2EFF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.1336695860.0000006CC2EFF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6CC2EFF000
|
| Size: |
4096
|
|
|
3E5D000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1223618167.0000000003E5D000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3E5D000
|
| Size: |
458752
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011479067.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
4A01000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000001A.00000002.3583068841.0000000004A01000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
26
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A01000
|
| Size: |
8192
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011685850.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
6340000
|
unclassified section
|
page execute and read and write
|
|
|
|
| Name: |
00000014.00000002.3645624592.0000000006340000.00000040.10000000.00040000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unclassified section
|
| Protect: |
page execute and read and write
|
| Base address: |
6340000
|
| Size: |
106496
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Found strings which match to known social media urls |
Networking |
|
| URLs found in memory or binary data |
Networking |
|
|
|
107D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1207652408.000000000107D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
107D000
|
| Size: |
12288
|
|
|
50A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3596320347.00000000050A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
50A0000
|
| Size: |
4096
|
|
|
328F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3577728960.000000000328F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328F000
|
| Size: |
16384
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011495500.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
301B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3563756695.000000000301B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
301B000
|
| Size: |
20480
|
|
|
3EDD000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1225635998.0000000003EDD000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3EDD000
|
| Size: |
458752
|
|
|
2C02000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000001A.00000002.3582578332.0000000002C02000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
26
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C02000
|
| Size: |
20480
|
|
|
328F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3574373497.000000000328F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328F000
|
| Size: |
16384
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2008552794.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011769356.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
6801000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3579973764.0000000006801000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6801000
|
| Size: |
401408
|
|
|
328F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3578814948.000000000328F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328F000
|
| Size: |
16384
|
|
|
5800000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3595878713.0000000005800000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5800000
|
| Size: |
651264
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009196677.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3A6E000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1364312318.0000000003A6E000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3A6E000
|
| Size: |
24576
|
|
|
3C10000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1224712246.0000000003C10000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3C10000
|
| Size: |
1187840
|
|
|
7C0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000013.00000000.1348975214.00000000007C0000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7C0000
|
| Size: |
4096
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009562628.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3544000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3595779082.0000000003544000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3544000
|
| Size: |
32768
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011400175.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
328F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3603120355.000000000328F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328F000
|
| Size: |
8192
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011858719.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011612244.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
1179000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1202467138.0000000001179000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1179000
|
| Size: |
61440
|
|
|
1610000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1354163982.0000000001610000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1610000
|
| Size: |
4096
|
|
|
16FA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1339665832.00000000016FA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16FA000
|
| Size: |
8192
|
|
|
35A3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3599686803.00000000035A3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
35A3000
|
| Size: |
126976
|
|
|
471000
|
system
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.1344756034.0000000000471000.00000040.80000000.00040000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
system
|
| Protect: |
page execute and read and write
|
| Base address: |
471000
|
| Size: |
8192
|
|
|
1202000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1207353021.0000000001202000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1202000
|
| Size: |
655360
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2008722243.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010460667.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
3546000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3599546896.0000000003546000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3546000
|
| Size: |
49152
|
|
|
3584000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3599736791.0000000003584000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3584000
|
| Size: |
126976
|
|
|
50A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3596276157.00000000050A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
50A0000
|
| Size: |
4096
|
|
|
3431000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000001C.00000002.3583169580.0000000003431000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
28
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3431000
|
| Size: |
8192
|
|
|
3000000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3643010446.0000000003000000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3000000
|
| Size: |
4096
|
|
|
3ECE000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1223618167.0000000003ECE000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3ECE000
|
| Size: |
24576
|
|
|
56D9000
|
unclassified section
|
page execute and read and write
|
|
|
|
| Name: |
00000014.00000002.3645105028.00000000056D9000.00000040.10000000.00040000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unclassified section
|
| Protect: |
page execute and read and write
|
| Base address: |
56D9000
|
| Size: |
8192
|
|
|
14B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1354123440.00000000014B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14B0000
|
| Size: |
20480
|
|
|
3097000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000019.00000002.3601238736.0000000003097000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3097000
|
| Size: |
4096
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009080741.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
16D5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1339776412.00000000016D5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16D5000
|
| Size: |
118784
|
|
|
350E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000002.3601692158.000000000350E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
350E000
|
| Size: |
12288
|
|
|
3253000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3568975388.0000000003253000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3253000
|
| Size: |
28672
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2012099195.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2008313310.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
6832000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3602780061.0000000006832000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6832000
|
| Size: |
389120
|
|
|
3577000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3598008284.0000000003577000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3577000
|
| Size: |
167936
|
|
|
11D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1193049444.00000000011D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11D1000
|
| Size: |
811008
|
|
|
3500000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000001C.00000002.3583193344.0000000003500000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
28
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3500000
|
| Size: |
12288
|
|
|
5967000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3595987589.0000000005967000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5967000
|
| Size: |
421888
|
|
|
FC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1354052673.0000000000FC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
FC1000
|
| Size: |
446464
|
|
|
35A4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3599224066.00000000035A4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
35A4000
|
| Size: |
126976
|
|
|
1E40000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1227657810.0000000001E40000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1E40000
|
| Size: |
8192
|
|
|
5070000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000002.3601905459.0000000005070000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5070000
|
| Size: |
4096
|
|
|
6CC28FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.1336308180.0000006CC28FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6CC28FF000
|
| Size: |
4096
|
|
|
16BD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1337106633.00000000016BD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16BD000
|
| Size: |
200704
|
|
|
FFF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1227067869.0000000000FFF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
FFF000
|
| Size: |
4096
|
|
|
31E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000002.3601505504.00000000031E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
31E0000
|
| Size: |
4096
|
|
|
575F000
|
unclassified section
|
page execute and read and write
|
|
|
|
| Name: |
00000014.00000002.3645226236.000000000575F000.00000040.10000000.00040000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unclassified section
|
| Protect: |
page execute and read and write
|
| Base address: |
575F000
|
| Size: |
8192
|
|
|
11CB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1196445201.00000000011CB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11CB000
|
| Size: |
200704
|
|
|
12A1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1222904182.00000000012A1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12A1000
|
| Size: |
593920
|
|
|
56F3000
|
unclassified section
|
page execute and read and write
|
|
|
|
| Name: |
00000014.00000002.3645105028.00000000056F3000.00000040.10000000.00040000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unclassified section
|
| Protect: |
page execute and read and write
|
| Base address: |
56F3000
|
| Size: |
20480
|
|
|
3E59000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1224041019.0000000003E59000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3E59000
|
| Size: |
4096
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009678152.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3553044965.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010889600.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
2E00000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000001A.00000002.3582617861.0000000002E00000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
26
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E00000
|
| Size: |
69632
|
|
|
3B90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1223492336.0000000003B90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3B90000
|
| Size: |
1187840
|
|
|
3562000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3599317195.0000000003562000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3562000
|
| Size: |
143360
|
|
|
1178000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1208605384.0000000001178000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1178000
|
| Size: |
8192
|
|
|
1DD0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1209473425.0000000001DD0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1DD0000
|
| Size: |
8192
|
|
|
39F9000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1364312318.00000000039F9000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
39F9000
|
| Size: |
4096
|
|
|
3546000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3598335157.0000000003546000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3546000
|
| Size: |
28672
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3562913027.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
12288
|
|
|
4FDF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1345891348.0000000004FDF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4FDF000
|
| Size: |
4096
|
|
|
7C0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000010.00000000.1334361683.00000000007C0000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7C0000
|
| Size: |
4096
|
|
|
F66000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.1369194819.0000000000F66000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F66000
|
| Size: |
118784
|
|
|
301B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3563988558.000000000301B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
301B000
|
| Size: |
20480
|
|
|
2F90000
|
heap
|
page readonly
|
|
|
|
| Name: |
0000001C.00000002.3582927746.0000000002F90000.00000002.00000020.00020000.00000000.sdmp
|
| TargetID: |
28
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page readonly
|
| Base address: |
2F90000
|
| Size: |
4096
|
|
|
169F000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000010.00000002.1354352636.000000000169F000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
169F000
|
| Size: |
16384
|
|
|
3553000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3594595093.0000000003553000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3553000
|
| Size: |
90112
|
|
|
129B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1222904182.000000000129B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
129B000
|
| Size: |
8192
|
|
|
1201000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1202292926.0000000001201000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1201000
|
| Size: |
622592
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2012038827.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3202000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000001C.00000002.3583051220.0000000003202000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
28
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3202000
|
| Size: |
20480
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010130723.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
58EF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3645345888.00000000058EF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
58EF000
|
| Size: |
4096
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009976688.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3212000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3643204098.0000000003212000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3212000
|
| Size: |
69632
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010037220.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2008211870.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2008271942.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
12288
|
|
|
F4E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1354420550.0000000000F4E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F4E000
|
| Size: |
217088
|
|
|
3532000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3598364328.0000000003532000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3532000
|
| Size: |
61440
|
|
|
19CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1227601524.00000000019CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
19CF000
|
| Size: |
4096
|
|
|
F8B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1363457783.0000000000F8B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F8B000
|
| Size: |
4096
|
|
|
887000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000013.00000002.1368573049.0000000000887000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
887000
|
| Size: |
495616
|
|
|
126A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1227360850.000000000126A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
126A000
|
| Size: |
4096
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010446523.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
352E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000002.3601802178.000000000352E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
352E000
|
| Size: |
8192
|
|
|
3E5D000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1224041019.0000000003E5D000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3E5D000
|
| Size: |
458752
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2008459072.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3546000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3597885381.0000000003546000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3546000
|
| Size: |
49152
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010806677.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
1660000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1354230304.0000000001660000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1660000
|
| Size: |
24576
|
|
|
6400000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3645676492.0000000006400000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6400000
|
| Size: |
4096
|
|
|
F66000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1357292983.0000000000F66000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F66000
|
| Size: |
118784
|
|
|
3553000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000002.3601823217.0000000003553000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3553000
|
| Size: |
57344
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010339924.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3853000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1365247123.0000000003853000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3853000
|
| Size: |
507904
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2008886942.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
2F03000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000001A.00000003.3581468009.0000000002F03000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
26
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2F03000
|
| Size: |
8192
|
|
|
FC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1363146229.0000000000FC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
FC1000
|
| Size: |
446464
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009541091.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
343E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3644720442.000000000343E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
343E000
|
| Size: |
8192
|
|
|
6002000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3563955248.0000000006002000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6002000
|
| Size: |
16384
|
|
|
7A0000
|
heap
|
page readonly
|
|
|
|
| Name: |
0000001A.00000002.3582252572.00000000007A0000.00000002.00000020.00020000.00000000.sdmp
|
| TargetID: |
26
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page readonly
|
| Base address: |
7A0000
|
| Size: |
4096
|
|
|
887000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000010.00000002.1353837335.0000000000887000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
887000
|
| Size: |
495616
|
|
|
3546000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3598684965.0000000003546000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3546000
|
| Size: |
49152
|
|
|
3213000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000001C.00000003.3582110580.0000000003213000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
28
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3213000
|
| Size: |
69632
|
|
|
1731000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1354461917.0000000001731000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1731000
|
| Size: |
507904
|
|
|
328F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3578416649.000000000328F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328F000
|
| Size: |
16384
|
|
|
3535000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3595696148.0000000003535000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3535000
|
| Size: |
12288
|
|
|
1731000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1345445956.0000000001731000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1731000
|
| Size: |
507904
|
|
|
57EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3645321148.00000000057EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
57EE000
|
| Size: |
8192
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010095911.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
325D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3568975388.000000000325D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
325D000
|
| Size: |
53248
|
|
|
328F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.1369531089.000000000328F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
328F000
|
| Size: |
4096
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011456493.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2008435872.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
328F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3578501649.000000000328F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328F000
|
| Size: |
16384
|
|
|
11D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1227220818.00000000011D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11D0000
|
| Size: |
24576
|
|
|
13BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1353921410.00000000013BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
13BF000
|
| Size: |
4096
|
|
|
887000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000003.00000000.1205984677.0000000000887000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
887000
|
| Size: |
495616
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009994358.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
353F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3644759111.000000000353F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
353F000
|
| Size: |
4096
|
|
|
F38000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1363457783.0000000000F38000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F38000
|
| Size: |
65536
|
|
|
F22000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1353805550.0000000000F22000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F22000
|
| Size: |
655360
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009640485.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
356B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3596425356.000000000356B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
356B000
|
| Size: |
4096
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2008975668.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
12288
|
|
|
650000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.1368235999.0000000000650000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
650000
|
| Size: |
20480
|
|
|
2CC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1345062625.0000000002CC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2CC0000
|
| Size: |
4096
|
|
|
11A6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1196754880.00000000011A6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11A6000
|
| Size: |
118784
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010390606.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009407858.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
50A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3596819642.00000000050A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
50A0000
|
| Size: |
135168
|
|
|
30FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000001A.00000002.3582951007.00000000030FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
26
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
30FF000
|
| Size: |
4096
|
|
|
1218000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1222989520.0000000001218000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1218000
|
| Size: |
65536
|
|
|
3D33000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1226301585.0000000003D33000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3D33000
|
| Size: |
507904
|
|
|
97E000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000000.00000000.1192495835.000000000097E000.00000008.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
97E000
|
| Size: |
8192
|
|
|
3251000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3643257194.0000000003251000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3251000
|
| Size: |
4096
|
|
|
87E000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000010.00000000.1334529548.000000000087E000.00000008.00000001.01000000.00000007.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
87E000
|
| Size: |
8192
|
|
|
400000
|
system
|
page execute and read and write
|
|
|
|
| Name: |
00000019.00000002.3600995325.0000000000400000.00000040.80000000.00040000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
process exit
|
| Regiontype: |
system
|
| Protect: |
page execute and read and write
|
| Base address: |
400000
|
| Size: |
360448
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Found strings which match to known social media urls |
Networking |
|
| SQL strings found in memory and binary data |
System Summary |
|
|
|
F30000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000013.00000002.1369164284.0000000000F30000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
F30000
|
| Size: |
20480
|
|
|
353E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3582689712.000000000353E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
353E000
|
| Size: |
57344
|
|
|
3102000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3563190349.0000000003102000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3102000
|
| Size: |
16384
|
|
|
3412000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000002.3601602373.0000000003412000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3412000
|
| Size: |
24576
|
|
|
5CAE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3645511752.0000000005CAE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5CAE000
|
| Size: |
8192
|
|
|
128B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1216121684.000000000128B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
128B000
|
| Size: |
73728
|
|
|
30B3000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000019.00000002.3601238736.00000000030B3000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
30B3000
|
| Size: |
53248
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
646F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3603067108.000000000646F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
646F000
|
| Size: |
516096
|
|
|
3213000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000001C.00000003.3582156823.0000000003213000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
28
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3213000
|
| Size: |
192512
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2008021218.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
16AD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1337075419.00000000016AD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16AD000
|
| Size: |
135168
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011040942.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3D30000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1224041019.0000000003D30000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3D30000
|
| Size: |
1196032
|
|
|
4100000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1346368121.0000000004100000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4100000
|
| Size: |
1196032
|
|
|
5BAD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3645487054.0000000005BAD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5BAD000
|
| Size: |
12288
|
|
|
635B000
|
unclassified section
|
page execute and read and write
|
|
|
|
| Name: |
00000014.00000002.3645624592.000000000635B000.00000040.10000000.00040000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unclassified section
|
| Protect: |
page execute and read and write
|
| Base address: |
635B000
|
| Size: |
36864
|
|
|
31DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000019.00000002.3601487451.00000000031DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
31DE000
|
| Size: |
8192
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2008958083.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
37A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1222717475.00000000037A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
37A0000
|
| Size: |
4096
|
|
|
3C10000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1225451786.0000000003C10000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3C10000
|
| Size: |
1187840
|
|
|
3140000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000002.3601419256.0000000003140000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3140000
|
| Size: |
4096
|
|
|
3950000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1367011178.0000000003950000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3950000
|
| Size: |
1196032
|
|
|
5680000
|
unclassified section
|
page execute and read and write
|
|
|
|
| Name: |
00000014.00000002.3645105028.0000000005680000.00000040.10000000.00040000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unclassified section
|
| Protect: |
page execute and read and write
|
| Base address: |
5680000
|
| Size: |
360448
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Found strings which match to known social media urls |
Networking |
|
| SQL strings found in memory and binary data |
System Summary |
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011878810.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011335673.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
471000
|
system
|
page execute and read and write
|
|
|
|
| Name: |
00000014.00000002.3642377715.0000000000471000.00000040.80000000.00040000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
system
|
| Protect: |
page execute and read and write
|
| Base address: |
471000
|
| Size: |
8192
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2008253588.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3301000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3644665231.0000000003301000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3301000
|
| Size: |
16384
|
|
|
16D5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1354378589.00000000016D5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16D5000
|
| Size: |
118784
|
|
|
3102000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3563389888.0000000003102000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3102000
|
| Size: |
16384
|
|
|
6401000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3579710828.0000000006401000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6401000
|
| Size: |
901120
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010109385.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009909874.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
37C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1227794116.00000000037C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
37C4000
|
| Size: |
8192
|
|
|
84F000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000003.00000002.1226912522.000000000084F000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
84F000
|
| Size: |
147456
|
|
|
1271000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1207600592.0000000001271000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1271000
|
| Size: |
782336
|
|
|
353A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3598627992.000000000353A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
353A000
|
| Size: |
86016
|
|
|
CEF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.1368645925.0000000000CEF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
CEF000
|
| Size: |
4096
|
|
|
35C6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3599428864.00000000035C6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
35C6000
|
| Size: |
143360
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2008349496.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009603537.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3CB3000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1223892938.0000000003CB3000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3CB3000
|
| Size: |
507904
|
|
|
35C5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3599880285.00000000035C5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
35C5000
|
| Size: |
143360
|
|
|
F31000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1356356929.0000000000F31000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F31000
|
| Size: |
172032
|
|
|
2CA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1345039176.0000000002CA0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2CA0000
|
| Size: |
4096
|
|
|
3DB0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1225635998.0000000003DB0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3DB0000
|
| Size: |
1196032
|
|
|
874000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000003.00000002.1226912522.0000000000874000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
874000
|
| Size: |
40960
|
|
|
84F000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000010.00000000.1334464548.000000000084F000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
84F000
|
| Size: |
147456
|
|
|
126B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1212156081.000000000126B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
126B000
|
| Size: |
8192
|
|
|
3532000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3597947420.0000000003532000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3532000
|
| Size: |
98304
|
|
|
FBE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1207482200.0000000000FBE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
FBE000
|
| Size: |
8192
|
|
|
13CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1353921410.00000000013CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
13CF000
|
| Size: |
4096
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009122139.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
1188000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1196754880.0000000001188000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1188000
|
| Size: |
65536
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010280191.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2008636869.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
F38000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.1369194819.0000000000F38000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F38000
|
| Size: |
4096
|
|
|
12A2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1207300558.00000000012A2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12A2000
|
| Size: |
131072
|
|
|
1246000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1211441143.0000000001246000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1246000
|
| Size: |
118784
|
|
|
1198000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1196556105.0000000001198000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1198000
|
| Size: |
12288
|
|
|
6891000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3602663262.0000000006891000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6891000
|
| Size: |
200704
|
|
|
3DB0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1224906331.0000000003DB0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3DB0000
|
| Size: |
1196032
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009016779.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
5E7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3645580760.0000000005E7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5E7E000
|
| Size: |
8192
|
|
|
3533000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3598713671.0000000003533000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3533000
|
| Size: |
57344
|
|
|
400000
|
system
|
page execute and read and write
|
|
|
|
| Name: |
0000001A.00000002.3581670673.0000000000400000.00000040.80000000.00040000.00000000.sdmp
|
| TargetID: |
26
|
| Dumpstage: |
process exit
|
| Regiontype: |
system
|
| Protect: |
page execute and read and write
|
| Base address: |
400000
|
| Size: |
315392
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| SQL strings found in memory and binary data |
System Summary |
|
|
|
328F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3576816127.000000000328F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328F000
|
| Size: |
16384
|
|
|
3A79000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1366160821.0000000003A79000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3A79000
|
| Size: |
4096
|
|
|
1080000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1207681625.0000000001080000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1080000
|
| Size: |
4096
|
|
|
4083000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1345960387.0000000004083000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4083000
|
| Size: |
507904
|
|
|
5901000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3595416701.0000000005901000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5901000
|
| Size: |
737280
|
|
|
2E90000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3642777795.0000000002E90000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E90000
|
| Size: |
4096
|
|
|
11AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1227182721.00000000011AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
11AE000
|
| Size: |
8192
|
|
|
301B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3564138933.000000000301B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
301B000
|
| Size: |
16384
|
|
|
70C000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000001A.00000002.3581809533.000000000070C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
26
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
70C000
|
| Size: |
16384
|
|
|
1246000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1227360850.0000000001246000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1246000
|
| Size: |
118784
|
|
|
3026000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011919604.0000000003026000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3026000
|
| Size: |
8192
|
|
|
126A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1222989520.000000000126A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
126A000
|
| Size: |
4096
|
|
|
1210000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.1227314097.0000000001210000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
1210000
|
| Size: |
16384
|
|
|
3433000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000002.3601664771.0000000003433000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3433000
|
| Size: |
4096
|
|
|
3574000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3594719075.0000000003574000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3574000
|
| Size: |
122880
|
|
|
874000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000010.00000002.1353694412.0000000000874000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
874000
|
| Size: |
40960
|
|
|
1692000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1335959030.0000000001692000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1692000
|
| Size: |
655360
|
|
|
592E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3645373882.000000000592E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
592E000
|
| Size: |
8192
|
|
|
328F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3578549727.000000000328F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328F000
|
| Size: |
16384
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011746038.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
7C1000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000003.00000000.1205620305.00000000007C1000.00000020.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
7C1000
|
| Size: |
581632
|
|
|
12A1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1207679828.00000000012A1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12A1000
|
| Size: |
585728
|
|
|
3102000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3564241432.0000000003102000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3102000
|
| Size: |
16384
|
|
|
301B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3563924261.000000000301B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
301B000
|
| Size: |
20480
|
|
|
358A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3598128205.000000000358A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
358A000
|
| Size: |
90112
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010061553.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
1480000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1354099643.0000000001480000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1480000
|
| Size: |
4096
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3563292410.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
56DD000
|
unclassified section
|
page execute and read and write
|
|
|
|
| Name: |
00000014.00000002.3645105028.00000000056DD000.00000040.10000000.00040000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unclassified section
|
| Protect: |
page execute and read and write
|
| Base address: |
56DD000
|
| Size: |
4096
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010829924.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3532000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3598195863.0000000003532000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3532000
|
| Size: |
32768
|
|
|
3400000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000002.3601573397.0000000003400000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3400000
|
| Size: |
69632
|
|
|
770000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.1368307733.0000000000770000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
770000
|
| Size: |
4096
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010246990.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
11A6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1195813374.00000000011A6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11A6000
|
| Size: |
118784
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010355616.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
1090000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1227161988.0000000001090000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1090000
|
| Size: |
4096
|
|
|
3ED9000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1226576572.0000000003ED9000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3ED9000
|
| Size: |
4096
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2008297523.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
16D5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1339665832.00000000016D5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16D5000
|
| Size: |
118784
|
|
|
1E0F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1227643016.0000000001E0F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1E0F000
|
| Size: |
4096
|
|
|
17AE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1354558891.00000000017AE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17AE000
|
| Size: |
90112
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009798300.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
643E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3578601041.000000000643E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
643E000
|
| Size: |
360448
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010411741.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
E20000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.1368950747.0000000000E20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E20000
|
| Size: |
8192
|
|
|
5901000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3595613429.0000000005901000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5901000
|
| Size: |
835584
|
|
|
3DB0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1226576572.0000000003DB0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3DB0000
|
| Size: |
1196032
|
|
|
77A000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1207004699.000000000077A000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
77A000
|
| Size: |
24576
|
|
|
7C0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000003.00000002.1226830555.00000000007C0000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7C0000
|
| Size: |
4096
|
|
|
21EDDF00000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.1337062705.0000021EDDF00000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
21EDDF00000
|
| Size: |
16384
|
|
|
3554000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3596906076.0000000003554000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3554000
|
| Size: |
106496
|
|
|
3EDD000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1224906331.0000000003EDD000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3EDD000
|
| Size: |
458752
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2008934131.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
4E5E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3644863284.0000000004E5E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4E5E000
|
| Size: |
8192
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011969885.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
3A7D000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1367797480.0000000003A7D000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3A7D000
|
| Size: |
458752
|
|
|
1201000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1196445201.0000000001201000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1201000
|
| Size: |
1073152
|
|
|
3597000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3595159395.0000000003597000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3597000
|
| Size: |
299008
|
|
|
F8B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1357292983.0000000000F8B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F8B000
|
| Size: |
4096
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009694079.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
12288
|
|
|
1732000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1335441338.0000000001732000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1732000
|
| Size: |
131072
|
|
|
6CC2BFD000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.1336558715.0000006CC2BFD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6CC2BFD000
|
| Size: |
12288
|
|
|
563E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000001C.00000002.3583431275.000000000563E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
28
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
563E000
|
| Size: |
8192
|
|
|
309C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000019.00000002.3601238736.000000000309C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
309C000
|
| Size: |
4096
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010019210.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3F4E000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1225635998.0000000003F4E000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3F4E000
|
| Size: |
24576
|
|
|
328F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3575498735.000000000328F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328F000
|
| Size: |
16384
|
|
|
F2C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.1369057760.0000000000F2C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F2C000
|
| Size: |
16384
|
|
|
16A7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1345650804.00000000016A7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16A7000
|
| Size: |
65536
|
|
|
3730000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1363995503.0000000003730000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3730000
|
| Size: |
1187840
|
|
|
3431000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000001C.00000003.3582210429.0000000003431000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
28
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3431000
|
| Size: |
139264
|
|
|
1171000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1195813374.0000000001171000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1171000
|
| Size: |
172032
|
|
|
39F9000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1365551362.00000000039F9000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
39F9000
|
| Size: |
4096
|
|
|
39FD000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1365551362.00000000039FD000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
39FD000
|
| Size: |
458752
|
|
|
887000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000003.00000002.1227007053.0000000000887000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
887000
|
| Size: |
495616
|
|
|
87E000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000013.00000000.1350740773.000000000087E000.00000008.00000001.01000000.00000007.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
87E000
|
| Size: |
8192
|
|
|
3576000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3597299837.0000000003576000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3576000
|
| Size: |
4096
|
|
|
FC2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1353761050.0000000000FC2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
FC2000
|
| Size: |
131072
|
|
|
F8B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.1369194819.0000000000F8B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F8B000
|
| Size: |
4096
|
|
|
3546000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3598815712.0000000003546000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3546000
|
| Size: |
49152
|
|
|
103D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1227067869.000000000103D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
103D000
|
| Size: |
12288
|
|
|
511F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1346011219.000000000511F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
511F000
|
| Size: |
4096
|
|
|
FC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1357210335.0000000000FC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
FC1000
|
| Size: |
446464
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009892324.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011834246.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
2FE0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3642960925.0000000002FE0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2FE0000
|
| Size: |
4096
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010549573.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
328F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3576935795.000000000328F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328F000
|
| Size: |
16384
|
|
|
37B0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1366662741.00000000037B0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
37B0000
|
| Size: |
1187840
|
|
|
5901000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3595057343.0000000005901000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5901000
|
| Size: |
262144
|
|
|
3532000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3599621977.0000000003532000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3532000
|
| Size: |
69632
|
|
|
3553000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3582913155.0000000003553000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3553000
|
| Size: |
98304
|
|
|
323E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1345517634.000000000323E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
323E000
|
| Size: |
8192
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010528922.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
117E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1193453463.000000000117E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
117E000
|
| Size: |
266240
|
|
|
3B90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1223892938.0000000003B90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3B90000
|
| Size: |
1187840
|
|
|
21EDDEA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.1337043443.0000021EDDEA0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
21EDDEA0000
|
| Size: |
4096
|
|
|
6CC2DFF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.1336668369.0000006CC2DFF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6CC2DFF000
|
| Size: |
4096
|
|
|
11CA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1196754880.00000000011CA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11CA000
|
| Size: |
4096
|
|
|
16A7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1354378589.00000000016A7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16A7000
|
| Size: |
4096
|
|
|
5901000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3595202658.0000000005901000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5901000
|
| Size: |
315392
|
|
|
13EF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1353921410.00000000013EF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
13EF000
|
| Size: |
4096
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009000128.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3563578555.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009777506.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010745242.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
1306000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1209211632.0000000001306000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1306000
|
| Size: |
4096
|
|
|
21EDDC53000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.1336816317.0000021EDDC53000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
21EDDC53000
|
| Size: |
208896
|
|
|
3A60000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1202991474.0000000003A60000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3A60000
|
| Size: |
729088
|
|
|
11A6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1196556105.00000000011A6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11A6000
|
| Size: |
118784
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009306182.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
16FC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1339592015.00000000016FC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16FC000
|
| Size: |
196608
|
|
|
16D5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1345650804.00000000016D5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16D5000
|
| Size: |
118784
|
|
|
41B000
|
system
|
page execute and read and write
|
|
|
|
| Name: |
0000001C.00000002.3582642357.000000000041B000.00000040.80000000.00040000.00000000.sdmp
|
| TargetID: |
28
|
| Dumpstage: |
process exit
|
| Regiontype: |
system
|
| Protect: |
page execute and read and write
|
| Base address: |
41B000
|
| Size: |
36864
|
|
|
3113000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3563225890.0000000003113000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3113000
|
| Size: |
16384
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011704257.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
1246000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1222989520.0000000001246000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1246000
|
| Size: |
118784
|
|
|
3780000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1227731324.0000000003780000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3780000
|
| Size: |
4096
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009462893.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
12288
|
|
|
10C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.1369418450.00000000010C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10C0000
|
| Size: |
4096
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009055435.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
3853000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1364602072.0000000003853000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3853000
|
| Size: |
507904
|
|
|
6463000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3577040292.0000000006463000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6463000
|
| Size: |
163840
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010702238.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010721811.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
12288
|
|
|
328F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3577784700.000000000328F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328F000
|
| Size: |
16384
|
|
|
328F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3578149076.000000000328F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328F000
|
| Size: |
16384
|
|
|
6422000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3576712799.0000000006422000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6422000
|
| Size: |
4096
|
|
|
3510000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000001C.00000002.3583216752.0000000003510000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
28
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3510000
|
| Size: |
4096
|
|
|
301B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3580298377.000000000301B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
301B000
|
| Size: |
16384
|
|
|
328F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3579579592.000000000328F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328F000
|
| Size: |
16384
|
|
|
7C1000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000010.00000002.1353625391.00000000007C1000.00000020.00000001.01000000.00000007.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
7C1000
|
| Size: |
581632
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011558019.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3200000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000001C.00000002.3583051220.0000000003200000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
28
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3200000
|
| Size: |
4096
|
|
|
11A6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1195890656.00000000011A6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11A6000
|
| Size: |
118784
|
|
|
3102000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3564174328.0000000003102000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3102000
|
| Size: |
16384
|
|
|
333F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1345569002.000000000333F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
333F000
|
| Size: |
4096
|
|
|
21EDDF05000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.1337062705.0000021EDDF05000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
21EDDF05000
|
| Size: |
32768
|
|
|
3CB3000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1224378836.0000000003CB3000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3CB3000
|
| Size: |
507904
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010680172.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
38D0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1365551362.00000000038D0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
38D0000
|
| Size: |
1196032
|
|
|
3532000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3582614958.0000000003532000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3532000
|
| Size: |
90112
|
|
|
FFC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1207482200.0000000000FFC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
FFC000
|
| Size: |
16384
|
|
|
1202000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1192882659.0000000001202000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1202000
|
| Size: |
131072
|
|
|
37CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000001C.00000002.3583288937.00000000037CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
28
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
37CF000
|
| Size: |
4096
|
|
|
101B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1227067869.000000000101B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
101B000
|
| Size: |
20480
|
|
|
35D7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3594785733.00000000035D7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
35D7000
|
| Size: |
159744
|
|
|
3510000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000001C.00000003.3582558695.0000000003510000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
28
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3510000
|
| Size: |
4096
|
|
|
1177000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1208399606.0000000001177000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
1177000
|
| Size: |
4096
|
|
|
3546000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3598308987.0000000003546000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3546000
|
| Size: |
40960
|
|
|
21EDDC87000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.1336816317.0000021EDDC87000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
21EDDC87000
|
| Size: |
167936
|
|
|
301B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3564022848.000000000301B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
301B000
|
| Size: |
16384
|
|
|
3546000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3599030420.0000000003546000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3546000
|
| Size: |
49152
|
|
|
6434000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3576738545.0000000006434000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6434000
|
| Size: |
102400
|
|
|
6CC25FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.1335620509.0000006CC25FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6CC25FE000
|
| Size: |
8192
|
|
|
5660000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3645080887.0000000005660000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5660000
|
| Size: |
4096
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2012323377.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
3546000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3599938599.0000000003546000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3546000
|
| Size: |
49152
|
|
|
16FA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1354378589.00000000016FA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16FA000
|
| Size: |
4096
|
|
|
475000
|
system
|
page execute and read and write
|
|
|
|
| Name: |
00000014.00000002.3642377715.0000000000475000.00000040.80000000.00040000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
system
|
| Protect: |
page execute and read and write
|
| Base address: |
475000
|
| Size: |
40960
|
|
|
3400000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000001C.00000002.3583103198.0000000003400000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
28
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3400000
|
| Size: |
69632
|
|
|
5710000
|
unclassified section
|
page execute and read and write
|
|
|
|
| Name: |
00000014.00000002.3645226236.0000000005710000.00000040.10000000.00040000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
unclassified section
|
| Protect: |
page execute and read and write
|
| Base address: |
5710000
|
| Size: |
315392
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2008702137.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
8C0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000002.1207086056.00000000008C0000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
8C0000
|
| Size: |
4096
|
|
|
FCE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1207482200.0000000000FCE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
FCE000
|
| Size: |
8192
|
|
|
3000000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1345237084.0000000003000000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3000000
|
| Size: |
53248
|
|
|
1201000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1193126194.0000000001201000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1201000
|
| Size: |
614400
|
|
|
3E5D000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1224478199.0000000003E5D000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3E5D000
|
| Size: |
458752
|
|
|
1430000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1354050592.0000000001430000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1430000
|
| Size: |
4096
|
|
|
39F9000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1364826020.00000000039F9000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
39F9000
|
| Size: |
4096
|
|
|
F8B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1357162977.0000000000F8B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F8B000
|
| Size: |
4096
|
|
|
3546000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3597590194.0000000003546000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3546000
|
| Size: |
40960
|
|
|
1299000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1202190558.0000000001299000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1299000
|
| Size: |
450560
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009656276.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
11FA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1202292926.00000000011FA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11FA000
|
| Size: |
8192
|
|
|
1A0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1227618008.0000000001A0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1A0E000
|
| Size: |
8192
|
|
|
3A7D000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1366160821.0000000003A7D000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3A7D000
|
| Size: |
458752
|
|
|
2F0C000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000001A.00000002.3582898170.0000000002F0C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
26
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2F0C000
|
| Size: |
4096
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2008786063.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3B13000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1202991474.0000000003B13000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3B13000
|
| Size: |
45056
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary is likely a compiled AutoIt script file |
System Summary |
|
|
|
328F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3575611434.000000000328F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328F000
|
| Size: |
16384
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011278725.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
76E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.1368267369.000000000076E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
76E000
|
| Size: |
8192
|
|
|
1731000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1336714930.0000000001731000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1731000
|
| Size: |
507904
|
|
|
84F000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000003.00000000.1205873476.000000000084F000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
84F000
|
| Size: |
147456
|
|
|
3A79000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1367011178.0000000003A79000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3A79000
|
| Size: |
4096
|
|
|
5201000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000002.3601951389.0000000005201000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5201000
|
| Size: |
8192
|
|
|
3B21000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1202991474.0000000003B21000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3B21000
|
| Size: |
495616
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2012186232.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011574449.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
35AD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3594902961.00000000035AD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
35AD000
|
| Size: |
208896
|
|
|
3503000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000001C.00000003.3582558695.0000000003503000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
28
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3503000
|
| Size: |
8192
|
|
|
3F4E000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1224906331.0000000003F4E000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3F4E000
|
| Size: |
24576
|
|
|
3546000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3598250414.0000000003546000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3546000
|
| Size: |
49152
|
|
|
38D3000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1365944821.00000000038D3000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
38D3000
|
| Size: |
507904
|
|
|
35A4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3595353197.00000000035A4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
35A4000
|
| Size: |
348160
|
|
|
16FA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1338895827.00000000016FA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16FA000
|
| Size: |
8192
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011081886.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3102000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3563323394.0000000003102000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3102000
|
| Size: |
16384
|
|
|
4E9E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1345769585.0000000004E9E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4E9E000
|
| Size: |
8192
|
|
|
3A6E000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1365551362.0000000003A6E000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3A6E000
|
| Size: |
24576
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009718835.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
2F80000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000001C.00000002.3582881261.0000000002F80000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
28
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2F80000
|
| Size: |
4096
|
|
|
874000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000013.00000002.1368461830.0000000000874000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
874000
|
| Size: |
40960
|
|
|
5A6E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3645429700.0000000005A6E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5A6E000
|
| Size: |
8192
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3563446243.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
301B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3580506711.000000000301B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
301B000
|
| Size: |
16384
|
|
|
422D000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1347601468.000000000422D000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
422D000
|
| Size: |
458752
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011902036.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2011417077.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
7C1000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000013.00000000.1349101077.00000000007C1000.00000020.00000001.01000000.00000007.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
7C1000
|
| Size: |
581632
|
|
|
3532000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3599163133.0000000003532000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3532000
|
| Size: |
69632
|
|
|
FE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000003.1353886893.0000000000FE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
FE1000
|
| Size: |
4096
|
|
|
3546000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3597758480.0000000003546000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3546000
|
| Size: |
49152
|
|
|
3113000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3563353242.0000000003113000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3113000
|
| Size: |
8192
|
|
|
3412000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000001C.00000002.3583140928.0000000003412000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
28
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3412000
|
| Size: |
65536
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2008420502.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
1D2F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1209278059.0000000001D2F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1D2F000
|
| Size: |
4096
|
|
|
2FC0000
|
heap
|
page readonly
|
|
|
|
| Name: |
00000014.00000002.3642913859.0000000002FC0000.00000002.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page readonly
|
| Base address: |
2FC0000
|
| Size: |
4096
|
|
|
8C1000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000000.00000002.1207172043.00000000008C1000.00000020.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
8C1000
|
| Size: |
581632
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009169269.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
3002000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3643010446.0000000003002000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3002000
|
| Size: |
24576
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009933901.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009331934.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3024000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2010603319.0000000003024000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3024000
|
| Size: |
16384
|
|
|
21EDDBD0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.1336796051.0000021EDDBD0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
21EDDBD0000
|
| Size: |
4096
|
|
|
2E7D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.3642731068.0000000002E7D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2E7D000
|
| Size: |
12288
|
|
|
328F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3578365959.000000000328F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
328F000
|
| Size: |
16384
|
|
|
301B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3564205607.000000000301B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
301B000
|
| Size: |
16384
|
|
|
3533000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3597789316.0000000003533000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3533000
|
| Size: |
57344
|
|
|
2DF0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1345130103.0000000002DF0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2DF0000
|
| Size: |
4096
|
|
|
FDB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1207482200.0000000000FDB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
FDB000
|
| Size: |
20480
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2008866977.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3B90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1224378836.0000000003B90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3B90000
|
| Size: |
1187840
|
|
|
882000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000010.00000000.1334529548.0000000000882000.00000008.00000001.01000000.00000007.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
882000
|
| Size: |
8192
|
|
|
CFC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.1368645925.0000000000CFC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
CFC000
|
| Size: |
16384
|
|
|
3013000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.2009244012.0000000003013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3013000
|
| Size: |
16384
|
|
|
3577000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000019.00000003.3598765867.0000000003577000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
25
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3577000
|
| Size: |
53248
|
|
|
640000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.1368203514.0000000000640000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
640000
|
| Size: |
4096
|
|
|
3102000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.3563819962.0000000003102000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3102000
|
| Size: |
20480
|
|
