|
7FAE0000
|
direct allocation
|
page read and write
|
 |
|
|
| Name: |
0000000E.00000002.1141302711.000000007FAE0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7FAE0000
|
| Size: |
221184
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected DBatLoader |
Data Obfuscation |
|
|
|
2C30000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.2203224741.0000000002C30000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C30000
|
| Size: |
196608
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Found malware configuration |
AV Detection |
|
| Yara detected Remcos RAT |
AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality |
|
|
|
2370000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1072315069.0000000002370000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2370000
|
| Size: |
442368
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected DBatLoader |
Data Obfuscation |
|
|
|
400000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000014.00000002.2202403194.0000000000400000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
400000
|
| Size: |
475136
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara detected Remcos RAT |
AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara detected UAC Bypass using CMSTP |
Exploits |
|
| Yara detected Keylogger Generic |
Key, Mouse, Clipboard, Microphone and Screen Capturing |
|
| Yara signature match |
System Summary |
|
| URLs found in memory or binary data |
Networking |
|
|
|
6C70000
|
remote allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000014.00000002.2205275601.0000000006C70000.00000040.00000400.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
remote allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
6C70000
|
| Size: |
507904
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara detected Remcos RAT |
AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara detected UAC Bypass using CMSTP |
Exploits |
|
| Yara detected Keylogger Generic |
Key, Mouse, Clipboard, Microphone and Screen Capturing |
|
| Yara signature match |
System Summary |
|
| URLs found in memory or binary data |
Networking |
|
|
|
7FFB9AC20000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1136299572.00007FFB9AC20000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AC20000
|
| Size: |
65536
|
|
|
1CC57A52000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1099746349.000001CC57A52000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC57A52000
|
| Size: |
24576
|
|
|
9EE9A7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1156820213.0000009EE9A7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9EE9A7E000
|
| Size: |
8192
|
|
|
7E460000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1053742356.000000007E460000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7E460000
|
| Size: |
4096
|
|
|
2C4DFE70000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1008686939.000002C4DFE70000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C4DFE70000
|
| Size: |
4096
|
|
|
2244000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1221232272.0000000002244000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2244000
|
| Size: |
8192
|
|
|
19396FA9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.951526477.0000019396FA9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
19396FA9000
|
| Size: |
8192
|
|
|
1CC576E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1081575449.000001CC576E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC576E0000
|
| Size: |
53248
|
|
|
C65DFFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.917675581.000000C65DFFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C65DFFE000
|
| Size: |
8192
|
|
|
2154E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1241796497.000000002154E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2154E000
|
| Size: |
8192
|
|
|
220B000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1221232272.000000000220B000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
220B000
|
| Size: |
4096
|
|
|
193B0E6E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.954970149.00000193B0E6E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
193B0E6E000
|
| Size: |
8192
|
|
|
2C61000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.2203224741.0000000002C61000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C61000
|
| Size: |
61440
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the Windows Explorer process (often used for injection) |
HIPS / PFW / Operating System Protection Evasion |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
1E41A826000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1163170909.000001E41A826000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1E41A826000
|
| Size: |
8192
|
|
|
28B9000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1223098111.00000000028B9000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
28B9000
|
| Size: |
118784
|
|
|
1CC3D860000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980394166.000001CC3D860000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC3D860000
|
| Size: |
12288
|
|
|
1E418B20000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1162651577.000001E418B20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1E418B20000
|
| Size: |
12288
|
|
|
292D000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1223098111.000000000292D000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
292D000
|
| Size: |
12288
|
|
|
C65DB58000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.917629909.000000C65DB58000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C65DB58000
|
| Size: |
32768
|
|
|
193B0E73000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.954970149.00000193B0E73000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
193B0E73000
|
| Size: |
225280
|
|
|
2402BCFF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2206184392.000002402BCFF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2402BCFF000
|
| Size: |
8192
|
|
|
2CA9000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1091245591.0000000002CA9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2CA9000
|
| Size: |
4096
|
|
|
2ADE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.2202953775.0000000002ADE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2ADE000
|
| Size: |
8192
|
|
|
9B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1216477185.000000000009B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9B000
|
| Size: |
20480
|
|
|
21990000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1060192854.0000000021990000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
21990000
|
| Size: |
180224
|
|
|
B18CBCE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.979625146.000000B18CBCE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B18CBCE000
|
| Size: |
8192
|
|
|
235EA33D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.924008677.00000235EA33D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EA33D000
|
| Size: |
8192
|
|
|
1CC578E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1089379408.000001CC578E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC578E0000
|
| Size: |
98304
|
|
|
1E41A83A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1163170909.000001E41A83A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1E41A83A000
|
| Size: |
8192
|
|
|
2C4E17F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1010051065.000002C4E17F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C4E17F0000
|
| Size: |
12288
|
|
|
1CC576EE000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1081575449.000001CC576EE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC576EE000
|
| Size: |
176128
|
|
|
7ECD0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1132069888.000000007ECD0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7ECD0000
|
| Size: |
4096
|
|
|
2B12DDD0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.917858675.000002B12DDD0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12DDD0000
|
| Size: |
16384
|
|
|
7EBA0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1131521953.000000007EBA0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7EBA0000
|
| Size: |
61440
|
|
|
B18BAFF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.979145704.000000B18BAFF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B18BAFF000
|
| Size: |
4096
|
|
|
20E33000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1106214675.0000000020E33000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
20E33000
|
| Size: |
4096
|
|
|
7FFB9ACB0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.958005833.00007FFB9ACB0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9ACB0000
|
| Size: |
65536
|
|
|
1CC4091F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980997999.000001CC4091F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC4091F000
|
| Size: |
278528
|
|
|
235EA19E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.922652185.00000235EA19E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EA19E000
|
| Size: |
77824
|
|
|
7FFB9AC20000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1269877282.00007FFB9AC20000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AC20000
|
| Size: |
65536
|
|
|
235EA1B4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.922652185.00000235EA1B4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EA1B4000
|
| Size: |
217088
|
|
|
24031170000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2207011029.0000024031170000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
24031170000
|
| Size: |
4096
|
|
|
7FB00000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1009959257.000000007FB00000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7FB00000
|
| Size: |
1028096
|
|
|
2B12FC0D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.918178303.000002B12FC0D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12FC0D000
|
| Size: |
4096
|
|
|
29D47690000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.947300194.0000029D47690000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29D47690000
|
| Size: |
4096
|
|
|
7FFC0C632000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000002.924330694.00007FFC0C632000.00000002.00000001.01000000.00000005.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FFC0C632000
|
| Size: |
8192
|
|
|
2D5C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1041143992.0000000002D5C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2D5C000
|
| Size: |
32768
|
|
|
1E41A774000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1163170909.000001E41A774000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1E41A774000
|
| Size: |
147456
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
2402BC2B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2205682371.000002402BC2B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2402BC2B000
|
| Size: |
81920
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
2C4E3468000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1013066820.000002C4E3468000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C4E3468000
|
| Size: |
278528
|
|
|
235EA1B4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.921683935.00000235EA1B4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EA1B4000
|
| Size: |
217088
|
|
|
19396F20000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.951526477.0000019396F20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
19396F20000
|
| Size: |
249856
|
|
|
24031080000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2206897934.0000024031080000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
24031080000
|
| Size: |
4096
|
|
|
7DF40A620000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.1104483405.00007DF40A620000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7DF40A620000
|
| Size: |
4096
|
|
|
1CC4F8DB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1050453582.000001CC4F8DB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC4F8DB000
|
| Size: |
4096
|
|
|
7DF40C1B0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.955535764.00007DF40C1B0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7DF40C1B0000
|
| Size: |
4096
|
|
|
1E4189D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1157411971.000001E4189D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1E4189D4000
|
| Size: |
4096
|
|
|
1CC3D840000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980352415.000001CC3D840000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC3D840000
|
| Size: |
4096
|
|
|
2C52000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.1058871046.0000000002C52000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C52000
|
| Size: |
36864
|
|
|
7E9C0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1030763259.000000007E9C0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7E9C0000
|
| Size: |
794624
|
|
|
2F98000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000017.00000002.1213936912.0000000002F98000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
23
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2F98000
|
| Size: |
77824
|
|
|
74C000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1037350319.000000000074C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
74C000
|
| Size: |
126976
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
7FFB9AB00000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1220447314.00007FFB9AB00000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9AB00000
|
| Size: |
16384
|
|
|
235EBF23000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.922843372.00000235EBF23000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EBF23000
|
| Size: |
57344
|
|
|
29F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000017.00000002.1213788457.00000000029F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
23
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29F0000
|
| Size: |
4096
|
|
|
1E418AF0000
|
heap
|
page readonly
|
|
|
|
| Name: |
00000005.00000002.1162167775.000001E418AF0000.00000002.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page readonly
|
| Base address: |
1E418AF0000
|
| Size: |
4096
|
|
|
1CC4055E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980997999.000001CC4055E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC4055E000
|
| Size: |
1306624
|
|
|
2C4F9DE0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1265642396.000002C4F9DE0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C4F9DE0000
|
| Size: |
4096
|
|
|
2CD9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1227016679.0000000002CD9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2CD9000
|
| Size: |
4096
|
|
|
2C4DFCEF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1005754277.000002C4DFCEF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C4DFCEF000
|
| Size: |
20480
|
|
|
B18CDCE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.979721786.000000B18CDCE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B18CDCE000
|
| Size: |
8192
|
|
|
2B12DCC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.917818137.000002B12DCC0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12DCC0000
|
| Size: |
4096
|
|
|
7FFB9ABC0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.956817500.00007FFB9ABC0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9ABC0000
|
| Size: |
4096
|
|
|
7FFB9ACD0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.958130882.00007FFB9ACD0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9ACD0000
|
| Size: |
20480
|
|
|
2C00000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.2203224741.0000000002C00000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C00000
|
| Size: |
24576
|
|
|
7FFB9AB90000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.1132268545.00007FFB9AB90000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9AB90000
|
| Size: |
4096
|
|
|
2B12FBFA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.916852258.000002B12FBFA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12FBFA000
|
| Size: |
28672
|
|
|
2B12DEA9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.917177299.000002B12DEA9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12DEA9000
|
| Size: |
212992
|
|
|
2110F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1241466688.000000002110F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2110F000
|
| Size: |
4096
|
|
|
6FBF67E000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000016.00000002.2204919920.0000006FBF67E000.00000002.00000001.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
6FBF67E000
|
| Size: |
4096
|
|
|
7FFB9AA8C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.955856608.00007FFB9AA8C000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9AA8C000
|
| Size: |
8192
|
|
|
67205FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.950896568.00000067205FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
67205FF000
|
| Size: |
4096
|
|
|
B18C0FC000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.979557087.000000B18C0FC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B18C0FC000
|
| Size: |
16384
|
|
|
19396F6F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.951526477.0000019396F6F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
19396F6F000
|
| Size: |
8192
|
|
|
1E432921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1208168943.000001E432921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1E432921000
|
| Size: |
24576
|
|
|
2A3B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.2202837209.0000000002A3B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2A3B000
|
| Size: |
20480
|
|
|
1939903A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.952695151.000001939903A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1939903A000
|
| Size: |
1236992
|
|
|
2B12DDE0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.917907803.000002B12DDE0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12DDE0000
|
| Size: |
8192
|
|
|
20D10000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1106214675.0000000020D10000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
20D10000
|
| Size: |
4096
|
|
|
1E432995000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1213929082.000001E432995000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1E432995000
|
| Size: |
4096
|
|
|
2C4F9F1B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1266020687.000002C4F9F1B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C4F9F1B000
|
| Size: |
94208
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
7FFB9A9D4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.955633271.00007FFB9A9D4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9A9D4000
|
| Size: |
36864
|
|
|
7FFB9AC60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1243572492.00007FFB9AC60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AC60000
|
| Size: |
65536
|
|
|
650000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1068849147.0000000000650000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
650000
|
| Size: |
16384
|
|
|
235EA17B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.923585023.00000235EA17B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EA17B000
|
| Size: |
40960
|
|
|
21880000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1068017861.0000000021880000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
21880000
|
| Size: |
4096
|
|
|
7FFB9AC00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1269638687.00007FFB9AC00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AC00000
|
| Size: |
65536
|
|
|
2C4DFCCF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1005754277.000002C4DFCCF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C4DFCCF000
|
| Size: |
4096
|
|
|
21990000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000E.00000002.1113555928.0000000021990000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
21990000
|
| Size: |
503808
|
|
|
E1CEA4D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1005311355.000000E1CEA4D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E1CEA4D000
|
| Size: |
12288
|
|
|
1E41A82F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1163170909.000001E41A82F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1E41A82F000
|
| Size: |
28672
|
|
|
1CC57A40000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1099746349.000001CC57A40000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC57A40000
|
| Size: |
8192
|
|
|
2C4E17D0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.1009778376.000002C4E17D0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
2C4E17D0000
|
| Size: |
20480
|
|
|
7FFB9AD38000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1151493703.00007FFB9AD38000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AD38000
|
| Size: |
12288
|
|
|
7FFB9A9F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1267830856.00007FFB9A9F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9A9F0000
|
| Size: |
40960
|
|
|
4F4E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.2204779208.0000000004F4E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4F4E000
|
| Size: |
8192
|
|
|
1E42A711000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1198486334.000001E42A711000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1E42A711000
|
| Size: |
53248
|
|
|
193991E4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.952695151.00000193991E4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
193991E4000
|
| Size: |
20480
|
|
|
7FFB9AD40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1273006461.00007FFB9AD40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AD40000
|
| Size: |
12288
|
|
|
19396F67000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.951526477.0000019396F67000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
19396F67000
|
| Size: |
12288
|
|
|
E1CD673000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.995280469.000000E1CD673000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E1CD673000
|
| Size: |
53248
|
|
|
7FFC0C630000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.958434815.00007FFC0C630000.00000004.00000001.01000000.00000005.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
7FFC0C630000
|
| Size: |
8192
|
|
|
34E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.1041267961.00000000034E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
34E0000
|
| Size: |
12288
|
|
|
193B1090000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.955454830.00000193B1090000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
193B1090000
|
| Size: |
4096
|
|
|
2402C51A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000003.1321893608.000002402C51A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2402C51A000
|
| Size: |
4096
|
|
|
2402C51A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000003.1326746221.000002402C51A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2402C51A000
|
| Size: |
4096
|
|
|
3021000
|
direct allocation
|
page execute read
|
|
|
|
| Name: |
00000015.00000002.1227189157.0000000003021000.00000020.00001000.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute read
|
| Base address: |
3021000
|
| Size: |
155648
|
|
|
59950FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.923230623.00000059950FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
59950FE000
|
| Size: |
8192
|
|
|
2403121F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2207105706.000002403121F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2403121F000
|
| Size: |
49152
|
|
|
1CC4F611000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1050453582.000001CC4F611000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC4F611000
|
| Size: |
253952
|
|
|
2B12DDDC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.916920109.000002B12DDDC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12DDDC000
|
| Size: |
12288
|
|
|
4F8F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.2204847168.0000000004F8F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4F8F000
|
| Size: |
4096
|
|
|
7FFB9AC90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1244989827.00007FFB9AC90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AC90000
|
| Size: |
65536
|
|
|
76C000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1037350319.000000000076C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
76C000
|
| Size: |
4096
|
|
|
24031304000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2207498516.0000024031304000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24031304000
|
| Size: |
4096
|
|
|
1CC409A4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980997999.000001CC409A4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC409A4000
|
| Size: |
3915776
|
|
|
2270000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1222611203.0000000002270000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2270000
|
| Size: |
8192
|
|
|
7FFB9ABA0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.1132354733.00007FFB9ABA0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9ABA0000
|
| Size: |
24576
|
|
|
7FFB9AA90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1268018120.00007FFB9AA90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AA90000
|
| Size: |
8192
|
|
|
7DF40A630000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.1105238235.00007DF40A630000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7DF40A630000
|
| Size: |
4096
|
|
|
2162F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1110821770.000000002162F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2162F000
|
| Size: |
4096
|
|
|
240310E9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000016.00000003.1217672425.00000240310E9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
240310E9000
|
| Size: |
28672
|
|
|
1E42A744000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1198486334.000001E42A744000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1E42A744000
|
| Size: |
241664
|
|
|
19398D4F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.952695151.0000019398D4F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
19398D4F000
|
| Size: |
524288
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
1CC3D865000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980394166.000001CC3D865000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC3D865000
|
| Size: |
20480
|
|
|
7FFB9ABC2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1269239074.00007FFB9ABC2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9ABC2000
|
| Size: |
4096
|
|
|
2926000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1223098111.0000000002926000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2926000
|
| Size: |
4096
|
|
|
1E4189CF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1157411971.000001E4189CF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1E4189CF000
|
| Size: |
8192
|
|
|
C65E5FD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.917781286.000000C65E5FD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C65E5FD000
|
| Size: |
12288
|
|
|
2E2F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000017.00000002.1213893789.0000000002E2F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
23
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2E2F000
|
| Size: |
4096
|
|
|
1E41A82C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1163170909.000001E41A82C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1E41A82C000
|
| Size: |
8192
|
|
|
9EE98FD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1156690950.0000009EE98FD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9EE98FD000
|
| Size: |
12288
|
|
|
7FFB9ABB2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.956792707.00007FFB9ABB2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9ABB2000
|
| Size: |
4096
|
|
|
474000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1068603625.0000000000474000.00000004.00000001.01000000.00000008.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
474000
|
| Size: |
28672
|
|
|
240311E0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000016.00000003.1217770209.00000240311E0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
240311E0000
|
| Size: |
4096
|
|
|
2188B000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1044781061.000000002188B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2188B000
|
| Size: |
4096
|
|
|
1CC3F5D0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.980972637.000001CC3F5D0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
1CC3F5D0000
|
| Size: |
4096
|
|
|
2124F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1241564024.000000002124F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2124F000
|
| Size: |
4096
|
|
|
2C4E17D6000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.1009778376.000002C4E17D6000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
2C4E17D6000
|
| Size: |
8192
|
|
|
19396F5F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.951526477.0000019396F5F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
19396F5F000
|
| Size: |
4096
|
|
|
7FFB9A9ED000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1218581564.00007FFB9A9ED000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9A9ED000
|
| Size: |
12288
|
|
|
2C4DFCD1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1005754277.000002C4DFCD1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C4DFCD1000
|
| Size: |
12288
|
|
|
1CC4069E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980997999.000001CC4069E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC4069E000
|
| Size: |
393216
|
|
|
B18B7CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.979096673.000000B18B7CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B18B7CF000
|
| Size: |
4096
|
|
|
1CC57A33000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1099746349.000001CC57A33000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC57A33000
|
| Size: |
24576
|
|
|
19396F61000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.951526477.0000019396F61000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
19396F61000
|
| Size: |
12288
|
|
|
2C59000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.1058995286.0000000002C59000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C59000
|
| Size: |
94208
|
|
|
2B12DDDD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.917554849.000002B12DDDD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12DDDD000
|
| Size: |
8192
|
|
|
7FFB9AA9C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1219452215.00007FFB9AA9C000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9AA9C000
|
| Size: |
8192
|
|
|
7FAF7000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1012974586.000000007FAF7000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7FAF7000
|
| Size: |
8192
|
|
|
1CC57690000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1081342524.000001CC57690000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC57690000
|
| Size: |
4096
|
|
|
1E43298C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1213929082.000001E43298C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1E43298C000
|
| Size: |
12288
|
|
|
7FFB9A9E0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.955692184.00007FFB9A9E0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9A9E0000
|
| Size: |
40960
|
|
|
2402C691000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2206449360.000002402C691000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2402C691000
|
| Size: |
4096
|
|
|
235EA192000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.922593487.00000235EA192000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EA192000
|
| Size: |
20480
|
|
|
24031091000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000016.00000003.1328097997.0000024031091000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
24031091000
|
| Size: |
4096
|
|
|
5E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1217550294.00000000005E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5E0000
|
| Size: |
32768
|
|
|
59951FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.923250148.00000059951FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
59951FF000
|
| Size: |
4096
|
|
|
67204FD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.950828039.00000067204FD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
67204FD000
|
| Size: |
12288
|
|
|
19398810000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.952086077.0000019398810000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
19398810000
|
| Size: |
12288
|
|
|
2402CB80000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2206573107.000002402CB80000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2402CB80000
|
| Size: |
4096
|
|
|
1CC57A10000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1098457544.000001CC57A10000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC57A10000
|
| Size: |
4096
|
|
|
7FFB9AC70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.957844043.00007FFB9AC70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AC70000
|
| Size: |
65536
|
|
|
9EE9673000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1156190051.0000009EE9673000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9EE9673000
|
| Size: |
53248
|
|
|
7FFC0C635000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000007.00000002.958458015.00007FFC0C635000.00000002.00000001.01000000.00000005.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FFC0C635000
|
| Size: |
4096
|
|
|
2510000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1074425140.0000000002510000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2510000
|
| Size: |
4096
|
|
|
7FFB9ADC3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1152504433.00007FFB9ADC3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9ADC3000
|
| Size: |
53248
|
|
|
4844000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.2204141308.0000000004844000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4844000
|
| Size: |
16384
|
|
|
2C4DFD17000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1005754277.000002C4DFD17000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C4DFD17000
|
| Size: |
20480
|
|
|
1CC40E6D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980997999.000001CC40E6D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC40E6D000
|
| Size: |
778240
|
|
|
2164F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1241846348.000000002164F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2164F000
|
| Size: |
4096
|
|
|
2B12DE90000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.917469868.000002B12DE90000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12DE90000
|
| Size: |
12288
|
|
|
7FC10000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1145388701.000000007FC10000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7FC10000
|
| Size: |
606208
|
|
|
7FFB9ACB0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1271135898.00007FFB9ACB0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9ACB0000
|
| Size: |
65536
|
|
|
7EDDF000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1023791006.000000007EDDF000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7EDDF000
|
| Size: |
200704
|
|
|
7ED50000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1026012626.000000007ED50000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7ED50000
|
| Size: |
4096
|
|
|
7FFB9AC00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1223135758.00007FFB9AC00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AC00000
|
| Size: |
65536
|
|
|
6FBE379000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2203062909.0000006FBE379000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6FBE379000
|
| Size: |
28672
|
|
|
7FFB9AAC6000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1219837667.00007FFB9AAC6000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9AAC6000
|
| Size: |
45056
|
|
|
19398C60000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.952567235.0000019398C60000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
19398C60000
|
| Size: |
20480
|
|
|
7ED50000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1027731781.000000007ED50000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7ED50000
|
| Size: |
4096
|
|
|
2220000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1221232272.0000000002220000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2220000
|
| Size: |
8192
|
|
|
19398B80000
|
heap
|
page readonly
|
|
|
|
| Name: |
00000007.00000002.952237881.0000019398B80000.00000002.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page readonly
|
| Base address: |
19398B80000
|
| Size: |
4096
|
|
|
7E98F000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1033350942.000000007E98F000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7E98F000
|
| Size: |
12288
|
|
|
E1CD7FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.995875488.000000E1CD7FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E1CD7FE000
|
| Size: |
8192
|
|
|
2C4F9F4D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1266775381.000002C4F9F4D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C4F9F4D000
|
| Size: |
57344
|
|
|
235EBF17000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.924028935.00000235EBF17000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EBF17000
|
| Size: |
16384
|
|
|
235EA188000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.923585023.00000235EA188000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EA188000
|
| Size: |
16384
|
|
|
1CC3D590000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.979741419.000001CC3D590000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC3D590000
|
| Size: |
253952
|
|
|
2470000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1222925880.0000000002470000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2470000
|
| Size: |
4096
|
|
|
1CC40883000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980997999.000001CC40883000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC40883000
|
| Size: |
397312
|
|
|
19D000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1068281465.000000000019D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
19D000
|
| Size: |
12288
|
|
|
2840000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1223098111.0000000002840000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2840000
|
| Size: |
331776
|
|
|
19398C00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.952516936.0000019398C00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
19398C00000
|
| Size: |
65536
|
|
|
19398815000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.952086077.0000019398815000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
19398815000
|
| Size: |
16384
|
|
|
7E690000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1129948453.000000007E690000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7E690000
|
| Size: |
4096
|
|
|
19396F15000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.951413871.0000019396F15000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
19396F15000
|
| Size: |
20480
|
|
|
235EA14A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.922746331.00000235EA14A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EA14A000
|
| Size: |
20480
|
|
|
7FFB9AC10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.957548625.00007FFB9AC10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AC10000
|
| Size: |
65536
|
|
|
2113000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1220771055.0000000002113000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2113000
|
| Size: |
8192
|
|
|
1E418A19000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1157411971.000001E418A19000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1E418A19000
|
| Size: |
8192
|
|
|
1CC40551000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980997999.000001CC40551000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC40551000
|
| Size: |
12288
|
|
|
9EE9AFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1156872041.0000009EE9AFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9EE9AFE000
|
| Size: |
8192
|
|
|
7A8000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1069243919.00000000007A8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7A8000
|
| Size: |
12288
|
|
|
1E4329C9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1216377543.000001E4329C9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1E4329C9000
|
| Size: |
94208
|
|
|
9EE9DBE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1157045547.0000009EE9DBE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9EE9DBE000
|
| Size: |
8192
|
|
|
298A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1226897136.000000000298A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
298A000
|
| Size: |
4096
|
|
|
2402BBE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2205370457.000002402BBE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2402BBE0000
|
| Size: |
4096
|
|
|
7FFB9A9DD000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.955660941.00007FFB9A9DD000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9A9DD000
|
| Size: |
12288
|
|
|
1E418B50000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1162870546.000001E418B50000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1E418B50000
|
| Size: |
16384
|
|
|
7FFB9A9D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1106261319.00007FFB9A9D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9A9D0000
|
| Size: |
4096
|
|
|
2114F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1110542013.000000002114F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2114F000
|
| Size: |
4096
|
|
|
672073E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.950944196.000000672073E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
672073E000
|
| Size: |
8192
|
|
|
C65E1FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.917699394.000000C65E1FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C65E1FF000
|
| Size: |
4096
|
|
|
193B0E39000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.954970149.00000193B0E39000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
193B0E39000
|
| Size: |
188416
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
24031070000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2206876230.0000024031070000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
24031070000
|
| Size: |
4096
|
|
|
B18C17E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.979578172.000000B18C17E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B18C17E000
|
| Size: |
8192
|
|
|
2E3D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.1040745051.0000000002E3D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2E3D000
|
| Size: |
12288
|
|
|
7FFB9AAA0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.1268245735.00007FFB9AAA0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9AAA0000
|
| Size: |
32768
|
|
|
2B12DE20000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.917924233.000002B12DE20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12DE20000
|
| Size: |
69632
|
|
|
19396F10000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.951413871.0000019396F10000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
19396F10000
|
| Size: |
16384
|
|
|
7FFB9AB9A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1221212494.00007FFB9AB9A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AB9A000
|
| Size: |
24576
|
|
|
9EE997F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1156754728.0000009EE997F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9EE997F000
|
| Size: |
4096
|
|
|
1E43299E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1213929082.000001E43299E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1E43299E000
|
| Size: |
45056
|
|
|
31CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1041394650.00000000031CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
31CF000
|
| Size: |
4096
|
|
|
2C4F1D43000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1250972115.000002C4F1D43000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C4F1D43000
|
| Size: |
1282048
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
1E418930000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1157345159.000001E418930000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1E418930000
|
| Size: |
4096
|
|
|
6FBE8FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2203450234.0000006FBE8FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6FBE8FE000
|
| Size: |
8192
|
|
|
7FFC0C635000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000002.924330694.00007FFC0C635000.00000002.00000001.01000000.00000005.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FFC0C635000
|
| Size: |
4096
|
|
|
7FFB9AB81000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.956288298.00007FFB9AB81000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AB81000
|
| Size: |
32768
|
|
|
2B12DE90000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.917300605.000002B12DE90000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12DE90000
|
| Size: |
12288
|
|
|
2120000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1220939459.0000000002120000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2120000
|
| Size: |
16384
|
|
|
2240000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000E.00000002.1071974104.0000000002240000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
2240000
|
| Size: |
4096
|
|
|
7FFB9ABD0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.956856321.00007FFB9ABD0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9ABD0000
|
| Size: |
65536
|
|
|
19398DE4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.952695151.0000019398DE4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
19398DE4000
|
| Size: |
8192
|
|
|
1E41A79F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1163170909.000001E41A79F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1E41A79F000
|
| Size: |
548864
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
1E42A724000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1198486334.000001E42A724000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1E42A724000
|
| Size: |
126976
|
|
|
7FFB9AA9C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.1268165750.00007FFB9AA9C000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9AA9C000
|
| Size: |
12288
|
|
|
1E4189F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1157411971.000001E4189F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1E4189F0000
|
| Size: |
16384
|
|
|
2402BC7D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2205907131.000002402BC7D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2402BC7D000
|
| Size: |
4096
|
|
|
2402BCA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2205907131.000002402BCA0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2402BCA0000
|
| Size: |
8192
|
|
|
2C4E34C1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1013066820.000002C4E34C1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C4E34C1000
|
| Size: |
548864
|
|
|
7FFC0C611000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000000.00000002.918238523.00007FFC0C611000.00000020.00000001.01000000.00000005.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
7FFC0C611000
|
| Size: |
86016
|
|
|
7FFB9AB90000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.956508593.00007FFB9AB90000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9AB90000
|
| Size: |
12288
|
|
|
240310D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2206962269.00000240310D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
240310D0000
|
| Size: |
4096
|
|
|
1CC40D61000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980997999.000001CC40D61000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC40D61000
|
| Size: |
929792
|
|
|
235EA19D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.923781768.00000235EA19D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EA19D000
|
| Size: |
4096
|
|
|
1CC4054D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980997999.000001CC4054D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC4054D000
|
| Size: |
12288
|
|
|
235EA18D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.923585023.00000235EA18D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EA18D000
|
| Size: |
8192
|
|
|
7FC01000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1141968902.000000007FC01000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7FC01000
|
| Size: |
12288
|
|
|
6FBF47E000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000016.00000002.2204781812.0000006FBF47E000.00000002.00000001.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
6FBF47E000
|
| Size: |
4096
|
|
|
7FFB9AA80000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1128137633.00007FFB9AA80000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AA80000
|
| Size: |
8192
|
|
|
2126000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1220939459.0000000002126000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2126000
|
| Size: |
12288
|
|
|
7ED40000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1018392803.000000007ED40000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7ED40000
|
| Size: |
782336
|
|
|
7EE0B000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1018392803.000000007EE0B000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7EE0B000
|
| Size: |
8192
|
|
|
7F9F0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1012974586.000000007F9F0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7F9F0000
|
| Size: |
1028096
|
|
|
7FADA000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1141181658.000000007FADA000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7FADA000
|
| Size: |
4096
|
|
|
7E78F000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1130427202.000000007E78F000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7E78F000
|
| Size: |
49152
|
|
|
7E760000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1035531348.000000007E760000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7E760000
|
| Size: |
282624
|
|
|
2C4E32B2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1013066820.000002C4E32B2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C4E32B2000
|
| Size: |
40960
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
2AE5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.2203018742.0000000002AE5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AE5000
|
| Size: |
12288
|
|
|
1CC3F3C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980558738.000001CC3F3C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC3F3C0000
|
| Size: |
12288
|
|
|
E1CE90D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1005168268.000000E1CE90D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E1CE90D000
|
| Size: |
12288
|
|
|
7FFB9AB8A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1131545322.00007FFB9AB8A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AB8A000
|
| Size: |
24576
|
|
|
19396DD0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.951295698.0000019396DD0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
19396DD0000
|
| Size: |
4096
|
|
|
6B70000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.2205178211.0000000006B70000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6B70000
|
| Size: |
12288
|
|
|
1F850000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.2217553296.000000001F850000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1F850000
|
| Size: |
32768
|
|
|
240312F8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2207364248.00000240312F8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
240312F8000
|
| Size: |
8192
|
|
|
20D18000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1106214675.0000000020D18000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
20D18000
|
| Size: |
503808
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
19398DD0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.952695151.0000019398DD0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
19398DD0000
|
| Size: |
8192
|
|
|
6FBEF7E000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000016.00000002.2204341212.0000006FBEF7E000.00000002.00000001.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
6FBEF7E000
|
| Size: |
4096
|
|
|
7FFB9AA8C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.1129651773.00007FFB9AA8C000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9AA8C000
|
| Size: |
61440
|
|
|
235EA198000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.923757397.00000235EA198000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EA198000
|
| Size: |
16384
|
|
|
20D94000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1106214675.0000000020D94000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
20D94000
|
| Size: |
397312
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
63E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1068793028.000000000063E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
63E000
|
| Size: |
8192
|
|
|
2402BC00000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2205542537.000002402BC00000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2402BC00000
|
| Size: |
73728
|
|
|
6C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1069186207.00000000006C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6C0000
|
| Size: |
4096
|
|
|
2C4F1CE4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1250972115.000002C4F1CE4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C4F1CE4000
|
| Size: |
126976
|
|
|
19398DD6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.952695151.0000019398DD6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
19398DD6000
|
| Size: |
53248
|
|
|
7FFB9ABF0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1222607335.00007FFB9ABF0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9ABF0000
|
| Size: |
65536
|
|
|
7FFB9AB72000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1131139522.00007FFB9AB72000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AB72000
|
| Size: |
57344
|
|
|
7FFC0C626000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000002.918266456.00007FFC0C626000.00000002.00000001.01000000.00000005.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FFC0C626000
|
| Size: |
40960
|
|
|
7FFB9A9D3000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.955582944.00007FFB9A9D3000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9A9D3000
|
| Size: |
4096
|
|
|
2C4F9D0E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1262106263.000002C4F9D0E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C4F9D0E000
|
| Size: |
249856
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
2423000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1072315069.0000000002423000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2423000
|
| Size: |
4096
|
|
|
7E66F000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1129394433.000000007E66F000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7E66F000
|
| Size: |
49152
|
|
|
9EE977E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1156561388.0000009EE977E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9EE977E000
|
| Size: |
8192
|
|
|
7FFB9AD40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1151835194.00007FFB9AD40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AD40000
|
| Size: |
65536
|
|
|
7FFB9AC80000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1244522639.00007FFB9AC80000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AC80000
|
| Size: |
65536
|
|
|
2402C402000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2206290722.000002402C402000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2402C402000
|
| Size: |
4096
|
|
|
7FFB9AC50000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.957730307.00007FFB9AC50000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AC50000
|
| Size: |
65536
|
|
|
657000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1060134149.0000000000657000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
657000
|
| Size: |
4096
|
|
|
19D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1216586242.000000000019D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
19D000
|
| Size: |
12288
|
|
|
6FBDF7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2202700320.0000006FBDF7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6FBDF7E000
|
| Size: |
8192
|
|
|
2B12DE90000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.917384541.000002B12DE90000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12DE90000
|
| Size: |
12288
|
|
|
7EC63000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1131521953.000000007EC63000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7EC63000
|
| Size: |
4096
|
|
|
6FBE27E000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000016.00000002.2202999948.0000006FBE27E000.00000002.00000001.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
6FBE27E000
|
| Size: |
4096
|
|
|
7FFB9ACD0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1271393651.00007FFB9ACD0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9ACD0000
|
| Size: |
65536
|
|
|
1CC577D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1087103328.000001CC577D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC577D0000
|
| Size: |
61440
|
|
|
19398D24000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.952695151.0000019398D24000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
19398D24000
|
| Size: |
147456
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
B18B783000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.979040576.000000B18B783000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B18B783000
|
| Size: |
53248
|
|
|
2402BC91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2205907131.000002402BC91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2402BC91000
|
| Size: |
8192
|
|
|
2C4F1CDF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1250972115.000002C4F1CDF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C4F1CDF000
|
| Size: |
16384
|
|
|
6FBE97E000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000016.00000002.2203510040.0000006FBE97E000.00000002.00000001.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
6FBE97E000
|
| Size: |
4096
|
|
|
1E432990000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1213929082.000001E432990000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1E432990000
|
| Size: |
8192
|
|
|
7FFB9AA96000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1268057919.00007FFB9AA96000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AA96000
|
| Size: |
24576
|
|
|
1CC576D0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.1081379149.000001CC576D0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
1CC576D0000
|
| Size: |
20480
|
|
|
6370000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.2205057549.0000000006370000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6370000
|
| Size: |
4096
|
|
|
193B0ED6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.955325957.00000193B0ED6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
193B0ED6000
|
| Size: |
172032
|
|
|
2114E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1241505197.000000002114E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2114E000
|
| Size: |
8192
|
|
|
2261000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1221232272.0000000002261000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2261000
|
| Size: |
4096
|
|
|
1CC40701000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980997999.000001CC40701000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC40701000
|
| Size: |
737280
|
|
|
7FFB9A9D3000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.1108880261.00007FFB9A9D3000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9A9D3000
|
| Size: |
4096
|
|
|
1E42A71F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1198486334.000001E42A71F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1E42A71F000
|
| Size: |
16384
|
|
|
474000
|
unkown
|
page write copy
|
|
|
|
| Name: |
0000000E.00000000.992352416.0000000000474000.00000008.00000001.01000000.00000008.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
474000
|
| Size: |
8192
|
|
|
21630000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1110851151.0000000021630000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
21630000
|
| Size: |
4096
|
|
|
235E9FB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.923414005.00000235E9FB0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235E9FB0000
|
| Size: |
4096
|
|
|
240311D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2207058090.00000240311D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
240311D0000
|
| Size: |
4096
|
|
|
7F980000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1029107436.000000007F980000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7F980000
|
| Size: |
589824
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
2D4F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000017.00000002.1213823288.0000000002D4F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
23
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2D4F000
|
| Size: |
4096
|
|
|
19396FA7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.951526477.0000019396FA7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
19396FA7000
|
| Size: |
4096
|
|
|
235EA191000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.922137503.00000235EA191000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EA191000
|
| Size: |
24576
|
|
|
7FFC0C632000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000002.918317905.00007FFC0C632000.00000002.00000001.01000000.00000005.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FFC0C632000
|
| Size: |
8192
|
|
|
7FFB9ACA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1141113442.00007FFB9ACA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9ACA0000
|
| Size: |
65536
|
|
|
2268000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1221232272.0000000002268000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2268000
|
| Size: |
4096
|
|
|
1CC3D616000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.979741419.000001CC3D616000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC3D616000
|
| Size: |
20480
|
|
|
2EC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.2203853462.0000000002EC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2EC0000
|
| Size: |
16384
|
|
|
7FFB9ABE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1133866367.00007FFB9ABE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9ABE0000
|
| Size: |
65536
|
|
|
7FFB9AC70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1270619356.00007FFB9AC70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AC70000
|
| Size: |
65536
|
|
|
193B0E20000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.954970149.00000193B0E20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
193B0E20000
|
| Size: |
69632
|
|
|
19398C80000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.952620781.0000019398C80000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
19398C80000
|
| Size: |
4096
|
|
|
6FBED7E000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000016.00000002.2204011021.0000006FBED7E000.00000002.00000001.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
6FBED7E000
|
| Size: |
4096
|
|
|
478000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1217166387.0000000000478000.00000004.00000001.01000000.0000000C.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
478000
|
| Size: |
8192
|
|
|
E1CD77D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.995745901.000000E1CD77D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E1CD77D000
|
| Size: |
12288
|
|
|
235EA330000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.923962193.00000235EA330000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EA330000
|
| Size: |
16384
|
|
|
B18BDF9000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.979388485.000000B18BDF9000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B18BDF9000
|
| Size: |
28672
|
|
|
747000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000015.00000003.1214172559.0000000000747000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
747000
|
| Size: |
4096
|
|
|
240312E5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2207364248.00000240312E5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
240312E5000
|
| Size: |
20480
|
|
|
E1CEB4C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1005427768.000000E1CEB4C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E1CEB4C000
|
| Size: |
16384
|
|
|
7FFB9AB8A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.956288298.00007FFB9AB8A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AB8A000
|
| Size: |
24576
|
|
|
1CC5771A000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1081575449.000001CC5771A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC5771A000
|
| Size: |
16384
|
|
|
7FFB9ACA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.957974947.00007FFB9ACA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9ACA0000
|
| Size: |
65536
|
|
|
7FFB9AAB6000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.1130068247.00007FFB9AAB6000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9AAB6000
|
| Size: |
86016
|
|
|
2B12DDA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.917840215.000002B12DDA0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12DDA0000
|
| Size: |
8192
|
|
|
7FFB9A9E3000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1218199101.00007FFB9A9E3000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9A9E3000
|
| Size: |
4096
|
|
|
1CC4F8EB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1050453582.000001CC4F8EB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC4F8EB000
|
| Size: |
1769472
|
|
|
1CC3F808000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980997999.000001CC3F808000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC3F808000
|
| Size: |
2764800
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
2C4F9D75000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1264289496.000002C4F9D75000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C4F9D75000
|
| Size: |
4096
|
|
|
6D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1069243919.00000000006D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6D0000
|
| Size: |
32768
|
|
|
2402CCA0000
|
trusted library section
|
page readonly
|
|
|
|
| Name: |
00000016.00000002.2206754037.000002402CCA0000.00000002.08000000.00040000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page readonly
|
| Base address: |
2402CCA0000
|
| Size: |
65536
|
|
|
7ECE0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1040084765.000000007ECE0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7ECE0000
|
| Size: |
458752
|
|
|
99F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1071893579.000000000099F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
99F000
|
| Size: |
4096
|
|
|
240D000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1072315069.000000000240D000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
240D000
|
| Size: |
4096
|
|
|
2C4E1690000
|
heap
|
page readonly
|
|
|
|
| Name: |
00000009.00000002.1009013378.000002C4E1690000.00000002.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page readonly
|
| Base address: |
2C4E1690000
|
| Size: |
4096
|
|
|
2212000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1221232272.0000000002212000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2212000
|
| Size: |
4096
|
|
|
7FA0A000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1140318411.000000007FA0A000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7FA0A000
|
| Size: |
4096
|
|
|
2C4DFC99000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1005754277.000002C4DFC99000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C4DFC99000
|
| Size: |
212992
|
|
|
2E50000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.2203687930.0000000002E50000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E50000
|
| Size: |
4096
|
|
|
9EE9EBE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1157097004.0000009EE9EBE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9EE9EBE000
|
| Size: |
8192
|
|
|
295C000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.995423263.000000000295C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
295C000
|
| Size: |
2330624
|
|
|
7F630000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1139270074.000000007F630000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7F630000
|
| Size: |
4096
|
|
|
21661000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000015.00000003.1213711301.0000000021661000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
21661000
|
| Size: |
65536
|
|
|
5994EFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.923210804.0000005994EFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5994EFE000
|
| Size: |
8192
|
|
|
7FFB9AD00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1248185433.00007FFB9AD00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AD00000
|
| Size: |
4096
|
|
|
2C4E32BD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1013066820.000002C4E32BD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C4E32BD000
|
| Size: |
1556480
|
|
|
79F000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1037350319.000000000079F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79F000
|
| Size: |
12288
|
|
|
7FFB9ABA0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1221740651.00007FFB9ABA0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9ABA0000
|
| Size: |
12288
|
|
|
20F4E000
|
stack
|
page execute and read and write
|
|
|
|
| Name: |
0000000E.00000002.1110441477.0000000020F4E000.00000040.00000010.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page execute and read and write
|
| Base address: |
20F4E000
|
| Size: |
4096
|
|
|
2B12DEDD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.916993139.000002B12DEDD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12DEDD000
|
| Size: |
4096
|
|
|
7FFB9ADC0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1152504433.00007FFB9ADC0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9ADC0000
|
| Size: |
8192
|
|
|
7E2C0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1047983671.000000007E2C0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7E2C0000
|
| Size: |
1634304
|
|
|
B18CC4A000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.979645547.000000B18CC4A000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B18CC4A000
|
| Size: |
24576
|
|
|
237F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1222811079.000000000237F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
237F000
|
| Size: |
4096
|
|
|
1CC3D5D3000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.979741419.000001CC3D5D3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC3D5D3000
|
| Size: |
12288
|
|
|
2C4F1D04000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1250972115.000002C4F1D04000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C4F1D04000
|
| Size: |
241664
|
|
|
1CC413BB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980997999.000001CC413BB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC413BB000
|
| Size: |
139264
|
|
|
7FFB9ACD0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1247298088.00007FFB9ACD0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9ACD0000
|
| Size: |
65536
|
|
|
672015E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.950771340.000000672015E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
672015E000
|
| Size: |
8192
|
|
|
7FFB9ACE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.958148557.00007FFB9ACE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9ACE0000
|
| Size: |
36864
|
|
|
7FFB9AB91000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1221212494.00007FFB9AB91000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AB91000
|
| Size: |
32768
|
|
|
2B12DDDB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.896492224.000002B12DDDB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12DDDB000
|
| Size: |
16384
|
|
|
2139F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1110640636.000000002139F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2139F000
|
| Size: |
4096
|
|
|
7FB30000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1141968902.000000007FB30000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7FB30000
|
| Size: |
806912
|
|
|
2C4DFEE5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1008808768.000002C4DFEE5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C4DFEE5000
|
| Size: |
40960
|
|
|
2C4F9EE0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.1265795056.000002C4F9EE0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
2C4F9EE0000
|
| Size: |
4096
|
|
|
1CC578F9000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1089379408.000001CC578F9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC578F9000
|
| Size: |
712704
|
|
|
2B12DDDB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.917554849.000002B12DDDB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12DDDB000
|
| Size: |
4096
|
|
|
74A000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1037350319.000000000074A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
74A000
|
| Size: |
4096
|
|
|
313C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.1041029604.000000000313C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
313C000
|
| Size: |
24576
|
|
|
2100000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1220731691.0000000002100000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2100000
|
| Size: |
4096
|
|
|
7FFB9ADD0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1152911216.00007FFB9ADD0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9ADD0000
|
| Size: |
65536
|
|
|
B18BF7B000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.979473601.000000B18BF7B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B18BF7B000
|
| Size: |
20480
|
|
|
B18BFFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.979498404.000000B18BFFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B18BFFE000
|
| Size: |
8192
|
|
|
2C4F9D0C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1262106263.000002C4F9D0C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C4F9D0C000
|
| Size: |
4096
|
|
|
21650000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000015.00000003.1216353620.0000000021650000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
21650000
|
| Size: |
4096
|
|
|
71E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1220217982.000000000071E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
71E000
|
| Size: |
8192
|
|
|
7FFB9ACC0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1148865962.00007FFB9ACC0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9ACC0000
|
| Size: |
65536
|
|
|
7FFB9AC70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1139248920.00007FFB9AC70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AC70000
|
| Size: |
65536
|
|
|
E1CD8FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.996223072.000000E1CD8FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E1CD8FF000
|
| Size: |
4096
|
|
|
7FFB9AC00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.957505597.00007FFB9AC00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AC00000
|
| Size: |
65536
|
|
|
7FFB9ABB0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1221850482.00007FFB9ABB0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9ABB0000
|
| Size: |
4096
|
|
|
7FFB9AE00000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.1153963206.00007FFB9AE00000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9AE00000
|
| Size: |
4096
|
|
|
21660000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1241880969.0000000021660000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
21660000
|
| Size: |
245760
|
|
|
19396F7F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.951526477.0000019396F7F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
19396F7F000
|
| Size: |
20480
|
|
|
6FBE17C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2202898125.0000006FBE17C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6FBE17C000
|
| Size: |
16384
|
|
|
1CC40555000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980997999.000001CC40555000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC40555000
|
| Size: |
32768
|
|
|
7E600000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1129394433.000000007E600000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7E600000
|
| Size: |
4096
|
|
|
4DCF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.2204711961.0000000004DCF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4DCF000
|
| Size: |
4096
|
|
|
2C4F9CD0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1262106263.000002C4F9CD0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C4F9CD0000
|
| Size: |
237568
|
|
|
6FBF07E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2204400211.0000006FBF07E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6FBF07E000
|
| Size: |
8192
|
|
|
7FFB9AC10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1224181868.00007FFB9AC10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AC10000
|
| Size: |
65536
|
|
|
2CB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1041053887.0000000002CB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2CB0000
|
| Size: |
20480
|
|
|
193B10B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.955484547.00000193B10B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
193B10B0000
|
| Size: |
45056
|
|
|
293C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000017.00000002.1213722924.000000000293C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
23
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
293C000
|
| Size: |
16384
|
|
|
7FFB9AE20000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1154218721.00007FFB9AE20000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AE20000
|
| Size: |
65536
|
|
|
7FFB9AA80000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.955722869.00007FFB9AA80000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AA80000
|
| Size: |
4096
|
|
|
2C4F9D66000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1264289496.000002C4F9D66000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C4F9D66000
|
| Size: |
45056
|
|
|
5FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1068740858.00000000005FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5FE000
|
| Size: |
8192
|
|
|
7FFB9ABE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1222139169.00007FFB9ABE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9ABE0000
|
| Size: |
65536
|
|
|
2B12F8A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.918133567.000002B12F8A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12F8A0000
|
| Size: |
4096
|
|
|
2C4F9D9D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1264289496.000002C4F9D9D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C4F9D9D000
|
| Size: |
204800
|
|
|
193B1460000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.955512716.00000193B1460000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
193B1460000
|
| Size: |
4096
|
|
|
19396EB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.951355134.0000019396EB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
19396EB0000
|
| Size: |
12288
|
|
|
21641000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1036275123.0000000021641000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
21641000
|
| Size: |
466944
|
|
|
21AC4000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1044781061.0000000021AC4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
21AC4000
|
| Size: |
954368
|
|
|
2954000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1074553091.0000000002954000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2954000
|
| Size: |
3264512
|
|
|
235EBF20000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.922843372.00000235EBF20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EBF20000
|
| Size: |
8192
|
|
|
9EE96FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1156505704.0000009EE96FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9EE96FE000
|
| Size: |
8192
|
|
|
1CC57CD0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1102489802.000001CC57CD0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC57CD0000
|
| Size: |
4096
|
|
|
E1CDCBE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1004706428.000000E1CDCBE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E1CDCBE000
|
| Size: |
8192
|
|
|
7FFB9AC20000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.957586244.00007FFB9AC20000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AC20000
|
| Size: |
65536
|
|
|
7ECA3000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1033797948.000000007ECA3000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7ECA3000
|
| Size: |
708608
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
2C4E1F02000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1013066820.000002C4E1F02000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C4E1F02000
|
| Size: |
10485760
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
7FFB9AB80000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1220638507.00007FFB9AB80000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AB80000
|
| Size: |
4096
|
|
|
2FF0000
|
direct allocation
|
page readonly
|
|
|
|
| Name: |
0000000E.00000002.1092183873.0000000002FF0000.00000002.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page readonly
|
| Base address: |
2FF0000
|
| Size: |
4096
|
|
|
6FBE57C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2203201836.0000006FBE57C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6FBE57C000
|
| Size: |
16384
|
|
|
24031430000
|
remote allocation
|
page read and write
|
|
|
|
| Name: |
00000016.00000003.1226381798.0000024031430000.00000004.00000400.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
free memory
|
| Regiontype: |
remote allocation
|
| Protect: |
page read and write
|
| Base address: |
24031430000
|
| Size: |
4096
|
|
|
7FFB9AD00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1150667795.00007FFB9AD00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AD00000
|
| Size: |
4096
|
|
|
79B000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1037350319.000000000079B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79B000
|
| Size: |
4096
|
|
|
7ED50000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1023791006.000000007ED50000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7ED50000
|
| Size: |
4096
|
|
|
E1CDEBB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1004941646.000000E1CDEBB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E1CDEBB000
|
| Size: |
20480
|
|
|
1CC576D7000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.1081379149.000001CC576D7000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
1CC576D7000
|
| Size: |
12288
|
|
|
2C62000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.1059200400.0000000002C62000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C62000
|
| Size: |
4096
|
|
|
7FFB9AE50000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1155213891.00007FFB9AE50000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AE50000
|
| Size: |
65536
|
|
|
5B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1068714599.00000000005B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5B0000
|
| Size: |
4096
|
|
|
7FFB9ACF0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.958230440.00007FFB9ACF0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9ACF0000
|
| Size: |
4096
|
|
|
B18CCC7000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.979672932.000000B18CCC7000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B18CCC7000
|
| Size: |
36864
|
|
|
7F980000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1022643560.000000007F980000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7F980000
|
| Size: |
589824
|
|
|
6FBFBFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2204979851.0000006FBFBFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6FBFBFE000
|
| Size: |
8192
|
|
|
6DE000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1069243919.00000000006DE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6DE000
|
| Size: |
303104
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
1CC40549000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980997999.000001CC40549000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC40549000
|
| Size: |
12288
|
|
|
7FFB9AA86000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1129461799.00007FFB9AA86000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AA86000
|
| Size: |
24576
|
|
|
2C4DFC40000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1005656473.000002C4DFC40000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C4DFC40000
|
| Size: |
16384
|
|
|
4840000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.2204141308.0000000004840000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4840000
|
| Size: |
8192
|
|
|
7FFC0C635000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000002.918317905.00007FFC0C635000.00000002.00000001.01000000.00000005.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FFC0C635000
|
| Size: |
4096
|
|
|
7FFB9A9EB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1124757849.00007FFB9A9EB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9A9EB000
|
| Size: |
4096
|
|
|
2C4DFC30000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1005592654.000002C4DFC30000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C4DFC30000
|
| Size: |
4096
|
|
|
2B12DE32000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.917924233.000002B12DE32000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12DE32000
|
| Size: |
192512
|
|
|
193B0EAE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.954970149.00000193B0EAE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
193B0EAE000
|
| Size: |
53248
|
|
|
672093E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.951081381.000000672093E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
672093E000
|
| Size: |
8192
|
|
|
240311C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2207035802.00000240311C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
240311C0000
|
| Size: |
4096
|
|
|
6FBF27E000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000016.00000002.2204635348.0000006FBF27E000.00000002.00000001.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
6FBF27E000
|
| Size: |
4096
|
|
|
2B12DE64000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.917924233.000002B12DE64000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12DE64000
|
| Size: |
49152
|
|
|
2182F000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1111025769.000000002182F000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2182F000
|
| Size: |
331776
|
|
|
2402BCB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2205907131.000002402BCB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2402BCB0000
|
| Size: |
4096
|
|
|
1E418AE0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1162127435.000001E418AE0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1E418AE0000
|
| Size: |
4096
|
|
|
2D7D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1038995362.0000000002D7D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2D7D000
|
| Size: |
4096
|
|
|
E1CDDBE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1004786098.000000E1CDDBE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E1CDDBE000
|
| Size: |
8192
|
|
|
47F000
|
unkown
|
page readonly
|
|
|
|
| Name: |
0000000E.00000000.992475294.000000000047F000.00000002.00000001.01000000.00000008.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
47F000
|
| Size: |
1163264
|
|
|
21891000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1059989860.0000000021891000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
21891000
|
| Size: |
65536
|
|
|
2B12DE93000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.917117082.000002B12DE93000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12DE93000
|
| Size: |
77824
|
|
|
2124F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1110573026.000000002124F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2124F000
|
| Size: |
4096
|
|
|
24031160000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000016.00000003.1224881062.0000024031160000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
24031160000
|
| Size: |
4096
|
|
|
2C3B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.1057669501.0000000002C3B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C3B000
|
| Size: |
94208
|
|
|
B18C07E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.979518814.000000B18C07E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B18C07E000
|
| Size: |
8192
|
|
|
2D7D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1041143992.0000000002D7D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2D7D000
|
| Size: |
4096
|
|
|
1CC3F430000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980608398.000001CC3F430000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC3F430000
|
| Size: |
4096
|
|
|
1CC4F601000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1050453582.000001CC4F601000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC4F601000
|
| Size: |
8192
|
|
|
7FFB9ABB2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1132491981.00007FFB9ABB2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9ABB2000
|
| Size: |
4096
|
|
|
193B0EAB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.954970149.00000193B0EAB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
193B0EAB000
|
| Size: |
8192
|
|
|
1CC3D7E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980261212.000001CC3D7E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC3D7E0000
|
| Size: |
4096
|
|
|
193991C7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.952695151.00000193991C7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
193991C7000
|
| Size: |
114688
|
|
|
7FFC0C610000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000002.924172744.00007FFC0C610000.00000002.00000001.01000000.00000005.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FFC0C610000
|
| Size: |
4096
|
|
|
2B12DE9B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.917177299.000002B12DE9B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12DE9B000
|
| Size: |
45056
|
|
|
19398C66000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.952567235.0000019398C66000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
19398C66000
|
| Size: |
8192
|
|
|
1E418A87000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1161816341.000001E418A87000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1E418A87000
|
| Size: |
32768
|
|
|
2402BC40000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2205716970.000002402BC40000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2402BC40000
|
| Size: |
106496
|
|
|
9EE9D3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1156995051.0000009EE9D3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9EE9D3E000
|
| Size: |
8192
|
|
|
2C4E3826000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1013066820.000002C4E3826000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C4E3826000
|
| Size: |
53248
|
|
|
240310D4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000016.00000003.1218624995.00000240310D4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
240310D4000
|
| Size: |
4096
|
|
|
59954FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.923346682.00000059954FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
59954FE000
|
| Size: |
8192
|
|
|
7E8D0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1033350942.000000007E8D0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7E8D0000
|
| Size: |
4096
|
|
|
24031160000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2206985693.0000024031160000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
24031160000
|
| Size: |
4096
|
|
|
6FBF57B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2204834612.0000006FBF57B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6FBF57B000
|
| Size: |
20480
|
|
|
4D0C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.2204477196.0000000004D0C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4D0C000
|
| Size: |
16384
|
|
|
59956FB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.923369866.00000059956FB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
59956FB000
|
| Size: |
20480
|
|
|
193987C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.952024382.00000193987C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
193987C0000
|
| Size: |
4096
|
|
|
639000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1217550294.0000000000639000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
639000
|
| Size: |
20480
|
|
|
2B12FBF1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.896434800.000002B12FBF1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12FBF1000
|
| Size: |
32768
|
|
|
1E418B55000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1162870546.000001E418B55000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1E418B55000
|
| Size: |
28672
|
|
|
214FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1241713700.00000000214FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
214FE000
|
| Size: |
8192
|
|
|
67206F9000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.950926070.00000067206F9000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
67206F9000
|
| Size: |
28672
|
|
|
2C4E17E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1010014061.000002C4E17E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C4E17E0000
|
| Size: |
4096
|
|
|
67201DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.950793327.00000067201DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
67201DE000
|
| Size: |
8192
|
|
|
672047E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.950810566.000000672047E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
672047E000
|
| Size: |
8192
|
|
|
2402BAB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2205179253.000002402BAB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2402BAB0000
|
| Size: |
12288
|
|
|
2B12DE8F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.917252739.000002B12DE8F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12DE8F000
|
| Size: |
16384
|
|
|
7FFB9AC30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1226320233.00007FFB9AC30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AC30000
|
| Size: |
65536
|
|
|
2C4DFCDB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1005754277.000002C4DFCDB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C4DFCDB000
|
| Size: |
4096
|
|
|
2B12DE89000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.917300605.000002B12DE89000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12DE89000
|
| Size: |
24576
|
|
|
2438000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1072315069.0000000002438000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2438000
|
| Size: |
4096
|
|
|
1E41A72B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1163170909.000001E41A72B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1E41A72B000
|
| Size: |
208896
|
|
|
7FFB9AE30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1154563517.00007FFB9AE30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AE30000
|
| Size: |
65536
|
|
|
E1CDB37000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.997957745.000000E1CDB37000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E1CDB37000
|
| Size: |
36864
|
|
|
2C36000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.1057732675.0000000002C36000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C36000
|
| Size: |
4096
|
|
|
2F40000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.1040880105.0000000002F40000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2F40000
|
| Size: |
20480
|
|
|
2D0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000017.00000002.1213805073.0000000002D0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
23
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2D0E000
|
| Size: |
8192
|
|
|
20F4B000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1110392004.0000000020F4B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
20F4B000
|
| Size: |
12288
|
|
|
7FFC0C630000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.918294414.00007FFC0C630000.00000004.00000001.01000000.00000005.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
7FFC0C630000
|
| Size: |
8192
|
|
|
240312C9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2207364248.00000240312C9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
240312C9000
|
| Size: |
110592
|
|
|
3017000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1092779106.0000000003017000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3017000
|
| Size: |
57344
|
|
|
6FBE47E000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000016.00000002.2203138790.0000006FBE47E000.00000002.00000001.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
6FBE47E000
|
| Size: |
4096
|
|
|
7FFC0C632000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000007.00000002.958458015.00007FFC0C632000.00000002.00000001.01000000.00000005.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FFC0C632000
|
| Size: |
8192
|
|
|
6FBE67E000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000016.00000002.2203269179.0000006FBE67E000.00000002.00000001.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
6FBE67E000
|
| Size: |
4096
|
|
|
7FFB9AA90000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.956031726.00007FFB9AA90000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9AA90000
|
| Size: |
24576
|
|
|
2B12DE61000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.917447805.000002B12DE61000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12DE61000
|
| Size: |
61440
|
|
|
2C4DFC60000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1005723725.000002C4DFC60000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C4DFC60000
|
| Size: |
4096
|
|
|
2C4F9F5E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1266775381.000002C4F9F5E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C4F9F5E000
|
| Size: |
45056
|
|
|
7FFB9AAF0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.956108809.00007FFB9AAF0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9AAF0000
|
| Size: |
16384
|
|
|
E1CEACD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1005373982.000000E1CEACD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E1CEACD000
|
| Size: |
12288
|
|
|
23E2000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1072315069.00000000023E2000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
23E2000
|
| Size: |
4096
|
|
|
1CC57A43000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1099746349.000001CC57A43000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC57A43000
|
| Size: |
32768
|
|
|
1CC3F666000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980997999.000001CC3F666000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC3F666000
|
| Size: |
1683456
|
|
|
2B12FC02000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.916852258.000002B12FC02000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12FC02000
|
| Size: |
36864
|
|
|
24CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1074287088.00000000024CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
24CE000
|
| Size: |
8192
|
|
|
3047000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1227957786.0000000003047000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3047000
|
| Size: |
4096
|
|
|
690000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1069061321.0000000000690000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
690000
|
| Size: |
8192
|
|
|
1E432E90000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1217819486.000001E432E90000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1E432E90000
|
| Size: |
4096
|
|
|
235EBF1A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.917631425.00000235EBF1A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EBF1A000
|
| Size: |
28672
|
|
|
21F10000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000E.00000002.1115603912.0000000021F10000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
21F10000
|
| Size: |
507904
|
|
|
2402BD13000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2206240048.000002402BD13000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2402BD13000
|
| Size: |
24576
|
|
|
7FFB9ACE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1271651498.00007FFB9ACE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9ACE0000
|
| Size: |
4096
|
|
|
482E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.2204059258.000000000482E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
482E000
|
| Size: |
8192
|
|
|
4D8D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.2204630615.0000000004D8D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4D8D000
|
| Size: |
12288
|
|
|
22F6000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1072119650.00000000022F6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
22F6000
|
| Size: |
12288
|
|
|
7FFB9ABC0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.1132828994.00007FFB9ABC0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9ABC0000
|
| Size: |
45056
|
|
|
7F970000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1005591829.000000007F970000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7F970000
|
| Size: |
1634304
|
|
|
7FFB9ADF0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1153605147.00007FFB9ADF0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9ADF0000
|
| Size: |
65536
|
|
|
2C4E3548000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1013066820.000002C4E3548000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C4E3548000
|
| Size: |
3002368
|
|
|
7FFB9AC40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1227143347.00007FFB9AC40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AC40000
|
| Size: |
65536
|
|
|
2B12DE89000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.917384541.000002B12DE89000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12DE89000
|
| Size: |
24576
|
|
|
2402BC96000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2205907131.000002402BC96000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2402BC96000
|
| Size: |
36864
|
|
|
1CC3D5DB000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.979741419.000001CC3D5DB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC3D5DB000
|
| Size: |
4096
|
|
|
235EA1EA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.921938844.00000235EA1EA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EA1EA000
|
| Size: |
4096
|
|
|
19398CC1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.952695151.0000019398CC1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
19398CC1000
|
| Size: |
102400
|
|
|
6FBE07E000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000016.00000002.2202767002.0000006FBE07E000.00000002.00000001.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
6FBE07E000
|
| Size: |
4096
|
|
|
7FFB9AB82000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1268726413.00007FFB9AB82000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AB82000
|
| Size: |
16384
|
|
|
1CC4F8D2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1050453582.000001CC4F8D2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC4F8D2000
|
| Size: |
16384
|
|
|
1CC577A6000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1087103328.000001CC577A6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC577A6000
|
| Size: |
167936
|
|
|
7FFC0C626000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000007.00000002.958406247.00007FFC0C626000.00000002.00000001.01000000.00000005.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FFC0C626000
|
| Size: |
40960
|
|
|
7FFB9AC50000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1138334801.00007FFB9AC50000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AC50000
|
| Size: |
65536
|
|
|
2C4E34AD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1013066820.000002C4E34AD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C4E34AD000
|
| Size: |
77824
|
|
|
2B12DEDB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.917277331.000002B12DEDB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12DEDB000
|
| Size: |
8192
|
|
|
19398800000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.952055248.0000019398800000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
19398800000
|
| Size: |
8192
|
|
|
235EA1B4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.922018640.00000235EA1B4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EA1B4000
|
| Size: |
217088
|
|
|
7FFC0C626000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000002.924259473.00007FFC0C626000.00000002.00000001.01000000.00000005.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FFC0C626000
|
| Size: |
40960
|
|
|
5EA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1217550294.00000000005EA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5EA000
|
| Size: |
8192
|
|
|
737000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1038402654.0000000000737000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
737000
|
| Size: |
77824
|
|
|
1E418B00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1162242934.000001E418B00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1E418B00000
|
| Size: |
65536
|
|
|
1F860000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.2217553296.000000001F860000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1F860000
|
| Size: |
32768
|
|
|
1CC3D870000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980447277.000001CC3D870000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC3D870000
|
| Size: |
65536
|
|
|
2F90000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000017.00000002.1213936912.0000000002F90000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
23
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2F90000
|
| Size: |
24576
|
|
|
235EA335000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.923962193.00000235EA335000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EA335000
|
| Size: |
28672
|
|
|
2402BC8D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2205907131.000002402BC8D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2402BC8D000
|
| Size: |
4096
|
|
|
7F980000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1026602391.000000007F980000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7F980000
|
| Size: |
589824
|
|
|
24031255000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2207211203.0000024031255000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24031255000
|
| Size: |
12288
|
|
|
2402BC5B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2205793688.000002402BC5B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2402BC5B000
|
| Size: |
69632
|
|
|
6FBD7AB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2202419856.0000006FBD7AB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6FBD7AB000
|
| Size: |
20480
|
|
|
749000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1069243919.0000000000749000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
749000
|
| Size: |
40960
|
|
|
2C4F9F6D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1266775381.000002C4F9F6D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C4F9F6D000
|
| Size: |
98304
|
|
|
235EA197000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.922018640.00000235EA197000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EA197000
|
| Size: |
106496
|
|
|
1CC413E0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980997999.000001CC413E0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC413E0000
|
| Size: |
118784
|
|
|
2129E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1110600568.000000002129E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2129E000
|
| Size: |
8192
|
|
|
24032000000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2207587587.0000024032000000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24032000000
|
| Size: |
4096
|
|
|
1E432993000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1213929082.000001E432993000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1E432993000
|
| Size: |
4096
|
|
|
C65E3FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.917740820.000000C65E3FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C65E3FE000
|
| Size: |
8192
|
|
|
C65DEFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.917655152.000000C65DEFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C65DEFE000
|
| Size: |
8192
|
|
|
2B12DE7B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.917023281.000002B12DE7B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12DE7B000
|
| Size: |
176128
|
|
|
7ECD0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1243255832.000000007ECD0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7ECD0000
|
| Size: |
4096
|
|
|
2B12DDDE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.917892682.000002B12DDDE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12DDDE000
|
| Size: |
4096
|
|
|
6DA000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1069243919.00000000006DA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6DA000
|
| Size: |
8192
|
|
|
1CC40031000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980997999.000001CC40031000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC40031000
|
| Size: |
1671168
|
|
|
1E41A711000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1163170909.000001E41A711000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1E41A711000
|
| Size: |
102400
|
|
|
213FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1241671284.00000000213FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
213FE000
|
| Size: |
8192
|
|
|
C65E4FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.917760986.000000C65E4FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C65E4FE000
|
| Size: |
8192
|
|
|
2402CCB0000
|
trusted library section
|
page readonly
|
|
|
|
| Name: |
00000016.00000002.2206779844.000002402CCB0000.00000002.08000000.00040000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page readonly
|
| Base address: |
2402CCB0000
|
| Size: |
65536
|
|
|
2C39000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.1057732675.0000000002C39000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C39000
|
| Size: |
8192
|
|
|
2C4DFC90000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1005754277.000002C4DFC90000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C4DFC90000
|
| Size: |
32768
|
|
|
2B12DE86000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.917384541.000002B12DE86000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12DE86000
|
| Size: |
4096
|
|
|
1E41A873000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1163170909.000001E41A873000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1E41A873000
|
| Size: |
3420160
|
|
|
1CC3D6A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980183003.000001CC3D6A0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC3D6A0000
|
| Size: |
4096
|
|
|
7FFC0C610000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000007.00000002.958295019.00007FFC0C610000.00000002.00000001.01000000.00000005.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FFC0C610000
|
| Size: |
4096
|
|
|
7FFB9AC70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1244112700.00007FFB9AC70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AC70000
|
| Size: |
65536
|
|
|
7FFB9ACA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1245996802.00007FFB9ACA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9ACA0000
|
| Size: |
65536
|
|
|
2C08000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.2203224741.0000000002C08000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C08000
|
| Size: |
102400
|
|
|
235EBF1B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.922162223.00000235EBF1B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EBF1B000
|
| Size: |
90112
|
|
|
235EA33C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.922932247.00000235EA33C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EA33C000
|
| Size: |
12288
|
|
|
1E418970000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1157378190.000001E418970000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1E418970000
|
| Size: |
4096
|
|
|
2B12DE89000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.918020507.000002B12DE89000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12DE89000
|
| Size: |
20480
|
|
|
6FBEB7E000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000016.00000002.2203827982.0000006FBEB7E000.00000002.00000001.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
6FBEB7E000
|
| Size: |
4096
|
|
|
21500000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1241767084.0000000021500000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
21500000
|
| Size: |
4096
|
|
|
1F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1216751166.00000000001F0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1F0000
|
| Size: |
4096
|
|
|
24031243000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2207160080.0000024031243000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24031243000
|
| Size: |
49152
|
|
|
7FFB9ACF0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1272141834.00007FFB9ACF0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9ACF0000
|
| Size: |
65536
|
|
|
240310D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000016.00000003.1218624995.00000240310D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
240310D0000
|
| Size: |
4096
|
|
|
7FFB9A9DD000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.1124508458.00007FFB9A9DD000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9A9DD000
|
| Size: |
12288
|
|
|
7FFB9AC90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1270862278.00007FFB9AC90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AC90000
|
| Size: |
65536
|
|
|
7FFB9ACB5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1148645002.00007FFB9ACB5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9ACB5000
|
| Size: |
45056
|
|
|
2C4E1710000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1009163792.000002C4E1710000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C4E1710000
|
| Size: |
65536
|
|
|
6FBEEFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2204249812.0000006FBEEFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6FBEEFE000
|
| Size: |
8192
|
|
|
240311E0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2207080944.00000240311E0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
240311E0000
|
| Size: |
4096
|
|
|
28F2000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1223098111.00000000028F2000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
28F2000
|
| Size: |
77824
|
|
|
2CA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1041016618.0000000002CA0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2CA0000
|
| Size: |
4096
|
|
|
1E418A81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1161671687.000001E418A81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1E418A81000
|
| Size: |
20480
|
|
|
235EBF11000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.917631425.00000235EBF11000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EBF11000
|
| Size: |
32768
|
|
|
7E760000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000015.00000003.1211437484.000000007E760000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7E760000
|
| Size: |
4096
|
|
|
7FFB9AAA0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1219557684.00007FFB9AAA0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9AAA0000
|
| Size: |
24576
|
|
|
7FFB9AC40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1137802353.00007FFB9AC40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AC40000
|
| Size: |
65536
|
|
|
1CC57800000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1088984280.000001CC57800000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC57800000
|
| Size: |
40960
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
2C4FA170000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1267515410.000002C4FA170000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C4FA170000
|
| Size: |
4096
|
|
|
7FFB9ACE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1150151368.00007FFB9ACE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9ACE0000
|
| Size: |
61440
|
|
|
214EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1110735344.00000000214EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
214EE000
|
| Size: |
8192
|
|
|
7FFB9AB9A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1268846205.00007FFB9AB9A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AB9A000
|
| Size: |
24576
|
|
|
1E4328E0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1207759715.000001E4328E0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
1E4328E0000
|
| Size: |
20480
|
|
|
7FFB9A9ED000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.1267762675.00007FFB9A9ED000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9A9ED000
|
| Size: |
12288
|
|
|
1CC3D800000
|
trusted library section
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980282546.000001CC3D800000.00000004.08000000.00040000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page read and write
|
| Base address: |
1CC3D800000
|
| Size: |
4096
|
|
|
2402C3D1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2206267420.000002402C3D1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2402C3D1000
|
| Size: |
4096
|
|
|
7FFB9AD03000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1150732144.00007FFB9AD03000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AD03000
|
| Size: |
28672
|
|
|
745000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1220315366.0000000000745000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
745000
|
| Size: |
12288
|
|
|
B18BA7F000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.979124958.000000B18BA7F000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B18BA7F000
|
| Size: |
4096
|
|
|
7E6FF000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1129948453.000000007E6FF000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7E6FF000
|
| Size: |
49152
|
|
|
1E418A1C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1157411971.000001E418A1C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1E418A1C000
|
| Size: |
409600
|
|
|
2402BCA3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2205907131.000002402BCA3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2402BCA3000
|
| Size: |
49152
|
|
|
21BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1044781061.0000000021BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
21BC1000
|
| Size: |
16384
|
|
|
7FFB9ABA0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.956756213.00007FFB9ABA0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9ABA0000
|
| Size: |
4096
|
|
|
E1CDA79000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.997113097.000000E1CDA79000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E1CDA79000
|
| Size: |
28672
|
|
|
67207B7000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.950969599.00000067207B7000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
67207B7000
|
| Size: |
36864
|
|
|
2D80000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.2203650432.0000000002D80000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2D80000
|
| Size: |
4096
|
|
|
7FFB9AE10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1153999092.00007FFB9AE10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AE10000
|
| Size: |
36864
|
|
|
2C23000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.2203224741.0000000002C23000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C23000
|
| Size: |
49152
|
|
|
7FFB9AC00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1135321504.00007FFB9AC00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AC00000
|
| Size: |
65536
|
|
|
7A3000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1037350319.00000000007A3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7A3000
|
| Size: |
24576
|
|
|
BBFDEFF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.947250216.000000BBFDEFF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
BBFDEFF000
|
| Size: |
4096
|
|
|
2165F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000015.00000003.1216353620.000000002165F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2165F000
|
| Size: |
4096
|
|
|
7FFC0C611000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000007.00000002.958365888.00007FFC0C611000.00000020.00000001.01000000.00000005.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
7FFC0C611000
|
| Size: |
86016
|
|
|
2E80000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.2203785581.0000000002E80000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E80000
|
| Size: |
4096
|
|
|
24031250000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2207211203.0000024031250000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24031250000
|
| Size: |
4096
|
|
|
235EA18F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.922593487.00000235EA18F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EA18F000
|
| Size: |
8192
|
|
|
24031090000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000016.00000003.1241717161.0000024031090000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
24031090000
|
| Size: |
4096
|
|
|
2C4F9F5C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1266775381.000002C4F9F5C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C4F9F5C000
|
| Size: |
4096
|
|
|
2C4F9E00000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1265642396.000002C4F9E00000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C4F9E00000
|
| Size: |
12288
|
|
|
2AE0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.2203018742.0000000002AE0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AE0000
|
| Size: |
16384
|
|
|
28ED000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1040759216.00000000028ED000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
28ED000
|
| Size: |
12288
|
|
|
23F0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1072315069.00000000023F0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
23F0000
|
| Size: |
8192
|
|
|
7F490000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1134078625.000000007F490000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7F490000
|
| Size: |
864256
|
|
|
235EBF22000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.922187707.00000235EBF22000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EBF22000
|
| Size: |
61440
|
|
|
212AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1241596285.00000000212AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
212AE000
|
| Size: |
8192
|
|
|
241C000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1072315069.000000000241C000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
241C000
|
| Size: |
4096
|
|
|
6720ABE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.951207931.0000006720ABE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6720ABE000
|
| Size: |
8192
|
|
|
19398DD3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.952695151.0000019398DD3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
19398DD3000
|
| Size: |
8192
|
|
|
2B12DEDB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.916721304.000002B12DEDB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12DEDB000
|
| Size: |
217088
|
|
|
7FFB9ACB0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1246437362.00007FFB9ACB0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9ACB0000
|
| Size: |
65536
|
|
|
7FFB9AB81000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1131545322.00007FFB9AB81000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AB81000
|
| Size: |
32768
|
|
|
7FFB9A9E2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1218051196.00007FFB9A9E2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9A9E2000
|
| Size: |
4096
|
|
|
240312FE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2207498516.00000240312FE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
240312FE000
|
| Size: |
12288
|
|
|
29D478F5000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.947406039.0000029D478F5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29D478F5000
|
| Size: |
12288
|
|
|
21760000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000015.00000003.1214245687.0000000021760000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
21760000
|
| Size: |
180224
|
|
|
6FBF0FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2204483027.0000006FBF0FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6FBF0FE000
|
| Size: |
8192
|
|
|
19398DE7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.952695151.0000019398DE7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
19398DE7000
|
| Size: |
8192
|
|
|
7FFB9A9FB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1267830856.00007FFB9A9FB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9A9FB000
|
| Size: |
4096
|
|
|
6A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1069144709.00000000006A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6A0000
|
| Size: |
4096
|
|
|
2402C513000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2206425869.000002402C513000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2402C513000
|
| Size: |
28672
|
|
|
7EAB0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1130942136.000000007EAB0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7EAB0000
|
| Size: |
4096
|
|
|
77B000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1037350319.000000000077B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
77B000
|
| Size: |
126976
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
2C4DFEE0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1008808768.000002C4DFEE0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C4DFEE0000
|
| Size: |
16384
|
|
|
19398CDB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.952695151.0000019398CDB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
19398CDB000
|
| Size: |
208896
|
|
|
1E41A829000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1163170909.000001E41A829000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1E41A829000
|
| Size: |
8192
|
|
|
B18BCF9000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.979247818.000000B18BCF9000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B18BCF9000
|
| Size: |
28672
|
|
|
7EDDF000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1026012626.000000007EDDF000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7EDDF000
|
| Size: |
200704
|
|
|
7FFB9AC60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1138853743.00007FFB9AC60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AC60000
|
| Size: |
65536
|
|
|
7FFB9A9D4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1122332386.00007FFB9A9D4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9A9D4000
|
| Size: |
36864
|
|
|
9EE99FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1156787144.0000009EE99FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9EE99FF000
|
| Size: |
4096
|
|
|
47A000
|
unkown
|
page write copy
|
|
|
|
| Name: |
0000000E.00000000.992352416.000000000047A000.00000008.00000001.01000000.00000008.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
47A000
|
| Size: |
12288
|
|
|
3051000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1227957786.0000000003051000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3051000
|
| Size: |
16384
|
|
|
1CC3D810000
|
trusted library section
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980304271.000001CC3D810000.00000004.08000000.00040000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page read and write
|
| Base address: |
1CC3D810000
|
| Size: |
4096
|
|
|
2100E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1241417776.000000002100E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2100E000
|
| Size: |
8192
|
|
|
240312C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2207275390.00000240312C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
240312C0000
|
| Size: |
32768
|
|
|
9EE9B3F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1156925417.0000009EE9B3F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9EE9B3F000
|
| Size: |
4096
|
|
|
2912000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1223098111.0000000002912000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2912000
|
| Size: |
4096
|
|
|
A9F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1071932364.0000000000A9F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A9F000
|
| Size: |
4096
|
|
|
2C4F9F33000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1266445404.000002C4F9F33000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C4F9F33000
|
| Size: |
94208
|
|
|
24031430000
|
remote allocation
|
page read and write
|
|
|
|
| Name: |
00000016.00000003.1226427788.0000024031430000.00000004.00000400.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
free memory
|
| Regiontype: |
remote allocation
|
| Protect: |
page read and write
|
| Base address: |
24031430000
|
| Size: |
4096
|
|
|
7FFB9AC90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.957918950.00007FFB9AC90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AC90000
|
| Size: |
65536
|
|
|
240310B0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2206918269.00000240310B0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
240310B0000
|
| Size: |
4096
|
|
|
7FFB9AD3C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1151493703.00007FFB9AD3C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AD3C000
|
| Size: |
8192
|
|
|
2C4DFD1D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1005754277.000002C4DFD1D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C4DFD1D000
|
| Size: |
466944
|
|
|
7FFB9AB91000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1268846205.00007FFB9AB91000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AB91000
|
| Size: |
32768
|
|
|
1CC407F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980997999.000001CC407F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC407F0000
|
| Size: |
598016
|
|
|
193A8CCF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.954631979.00000193A8CCF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
193A8CCF000
|
| Size: |
393216
|
|
|
19398E23000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.952695151.0000019398E23000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
19398E23000
|
| Size: |
20480
|
|
|
7ED50000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1132324849.000000007ED50000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7ED50000
|
| Size: |
4096
|
|
|
193B0E71000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.954970149.00000193B0E71000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
193B0E71000
|
| Size: |
4096
|
|
|
1CC401D8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980997999.000001CC401D8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC401D8000
|
| Size: |
1585152
|
|
|
6FBFC7E000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000016.00000002.2205058872.0000006FBFC7E000.00000002.00000001.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
6FBFC7E000
|
| Size: |
4096
|
|
|
1CC3D7A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980231613.000001CC3D7A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC3D7A0000
|
| Size: |
8192
|
|
|
7FFB9ABE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1269301123.00007FFB9ABE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9ABE0000
|
| Size: |
65536
|
|
|
7F630000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1244106483.000000007F630000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7F630000
|
| Size: |
4096
|
|
|
9EE987F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1156658053.0000009EE987F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9EE987F000
|
| Size: |
4096
|
|
|
7FFB9AC80000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1139646446.00007FFB9AC80000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AC80000
|
| Size: |
65536
|
|
|
21BD5000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1115383978.0000000021BD5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
21BD5000
|
| Size: |
4096
|
|
|
240310C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2206940731.00000240310C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
240310C0000
|
| Size: |
4096
|
|
|
29E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000017.00000002.1213770305.00000000029E0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
23
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29E0000
|
| Size: |
4096
|
|
|
1CC3D5EF000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.979741419.000001CC3D5EF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC3D5EF000
|
| Size: |
16384
|
|
|
235EBF23000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.924111049.00000235EBF23000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EBF23000
|
| Size: |
45056
|
|
|
2402C940000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2206504640.000002402C940000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2402C940000
|
| Size: |
4096
|
|
|
B18BC7F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.979217024.000000B18BC7F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B18BC7F000
|
| Size: |
4096
|
|
|
29D47590000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.947265372.0000029D47590000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29D47590000
|
| Size: |
28672
|
|
|
20E48000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1106214675.0000000020E48000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
20E48000
|
| Size: |
16384
|
|
|
2D7D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000003.1039099838.0000000002D7D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2D7D000
|
| Size: |
4096
|
|
|
24031262000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2207275390.0000024031262000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24031262000
|
| Size: |
176128
|
|
|
3025000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000E.00000002.1092973436.0000000003025000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
3025000
|
| Size: |
20480
|
|
|
2B12FC0D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.916852258.000002B12FC0D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12FC0D000
|
| Size: |
4096
|
|
|
7E580000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000015.00000003.1215783312.000000007E580000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7E580000
|
| Size: |
4096
|
|
|
2490000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000015.00000002.1222985239.0000000002490000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
2490000
|
| Size: |
4096
|
|
|
7FFB9AB70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.956175090.00007FFB9AB70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AB70000
|
| Size: |
65536
|
|
|
7FFB9AD29000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1150942632.00007FFB9AD29000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AD29000
|
| Size: |
28672
|
|
|
2402BC13000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2205589113.000002402BC13000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2402BC13000
|
| Size: |
94208
|
|
|
7FFB9AD10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1272506578.00007FFB9AD10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AD10000
|
| Size: |
4096
|
|
|
20E01000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1106214675.0000000020E01000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
20E01000
|
| Size: |
61440
|
|
|
24031430000
|
remote allocation
|
page read and write
|
|
|
|
| Name: |
00000016.00000003.1226407765.0000024031430000.00000004.00000400.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
free memory
|
| Regiontype: |
remote allocation
|
| Protect: |
page read and write
|
| Base address: |
24031430000
|
| Size: |
4096
|
|
|
29D478F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.947406039.0000029D478F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29D478F0000
|
| Size: |
12288
|
|
|
235EA17B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.922543626.00000235EA17B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EA17B000
|
| Size: |
40960
|
|
|
6720837000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.951002238.0000006720837000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6720837000
|
| Size: |
24576
|
|
|
1CC408E7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980997999.000001CC408E7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC408E7000
|
| Size: |
225280
|
|
|
2B12FBFA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.896434800.000002B12FBFA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12FBFA000
|
| Size: |
28672
|
|
|
E1CDABE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.997593372.000000E1CDABE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E1CDABE000
|
| Size: |
8192
|
|
|
1CC3D8A5000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980493770.000001CC3D8A5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC3D8A5000
|
| Size: |
40960
|
|
|
1E4189AF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1157411971.000001E4189AF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1E4189AF000
|
| Size: |
122880
|
|
|
9EE97FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1156602996.0000009EE97FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9EE97FE000
|
| Size: |
8192
|
|
|
1E41A700000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1163130171.000001E41A700000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
1E41A700000
|
| Size: |
4096
|
|
|
7FFC0C630000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.924290006.00007FFC0C630000.00000004.00000001.01000000.00000005.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
7FFC0C630000
|
| Size: |
8192
|
|
|
1CC3D5CF000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.979741419.000001CC3D5CF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC3D5CF000
|
| Size: |
4096
|
|
|
7FFB9A9D2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.955561046.00007FFB9A9D2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9A9D2000
|
| Size: |
4096
|
|
|
7F990000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1140318411.000000007F990000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7F990000
|
| Size: |
282624
|
|
|
72C000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1069243919.000000000072C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
72C000
|
| Size: |
81920
|
|
|
63F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1217550294.000000000063F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
63F000
|
| Size: |
36864
|
|
|
2C4DFED0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1008768052.000002C4DFED0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C4DFED0000
|
| Size: |
4096
|
|
|
2EC6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.2203853462.0000000002EC6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2EC6000
|
| Size: |
12288
|
|
|
7FFB9ACF0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1150545489.00007FFB9ACF0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9ACF0000
|
| Size: |
16384
|
|
|
235EBF2E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.922910460.00000235EBF2E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EBF2E000
|
| Size: |
12288
|
|
|
2B12DE7B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.917300605.000002B12DE7B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12DE7B000
|
| Size: |
49152
|
|
|
1CC40964000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980997999.000001CC40964000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC40964000
|
| Size: |
245760
|
|
|
6FBECFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2203907858.0000006FBECFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6FBECFE000
|
| Size: |
8192
|
|
|
2BFF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.2203158107.0000000002BFF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2BFF000
|
| Size: |
4096
|
|
|
2513000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1074425140.0000000002513000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2513000
|
| Size: |
8192
|
|
|
1E4329AA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1213929082.000001E4329AA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1E4329AA000
|
| Size: |
122880
|
|
|
E1CD97D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.996463129.000000E1CD97D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E1CD97D000
|
| Size: |
12288
|
|
|
7FFB9ACD0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1149995119.00007FFB9ACD0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9ACD0000
|
| Size: |
24576
|
|
|
1CC3F448000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980631056.000001CC3F448000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC3F448000
|
| Size: |
798720
|
|
|
C65E7FC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.917799054.000000C65E7FC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C65E7FC000
|
| Size: |
16384
|
|
|
7FFB9ABB8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1132491981.00007FFB9ABB8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9ABB8000
|
| Size: |
4096
|
|
|
6FBEA7E000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000016.00000002.2203635556.0000006FBEA7E000.00000002.00000001.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
6FBEA7E000
|
| Size: |
4096
|
|
|
21640000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1110922054.0000000021640000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
21640000
|
| Size: |
4096
|
|
|
2110000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1220771055.0000000002110000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2110000
|
| Size: |
4096
|
|
|
19396FAC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.951526477.0000019396FAC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
19396FAC000
|
| Size: |
471040
|
|
|
2934000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1223098111.0000000002934000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2934000
|
| Size: |
8192
|
|
|
19396ED0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.951387184.0000019396ED0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
19396ED0000
|
| Size: |
4096
|
|
|
7FFB9A9F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1126254060.00007FFB9A9F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9A9F0000
|
| Size: |
4096
|
|
|
7FFB9AC60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.957791975.00007FFB9AC60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AC60000
|
| Size: |
65536
|
|
|
2E90000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000017.00000002.1213913300.0000000002E90000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
23
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E90000
|
| Size: |
16384
|
|
|
1CC579D5000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1089379408.000001CC579D5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC579D5000
|
| Size: |
147456
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
1E41A75F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1163170909.000001E41A75F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1E41A75F000
|
| Size: |
57344
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
235EA185000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.921683935.00000235EA185000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EA185000
|
| Size: |
28672
|
|
|
7EC7D000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1018392803.000000007EC7D000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7EC7D000
|
| Size: |
749568
|
|
|
24031010000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2206852223.0000024031010000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
24031010000
|
| Size: |
4096
|
|
|
213AF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1241637601.00000000213AF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
213AF000
|
| Size: |
4096
|
|
|
2F3D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.1040788177.0000000002F3D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2F3D000
|
| Size: |
12288
|
|
|
7FFB9AB82000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1220638507.00007FFB9AB82000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AB82000
|
| Size: |
57344
|
|
|
2402C502000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2206379024.000002402C502000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2402C502000
|
| Size: |
32768
|
|
|
2104F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1110494628.000000002104F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2104F000
|
| Size: |
4096
|
|
|
2ECA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.2203853462.0000000002ECA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2ECA000
|
| Size: |
20480
|
|
|
2B12DEA9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.918082335.000002B12DEA9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12DEA9000
|
| Size: |
204800
|
|
|
7FFB9AB00000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.1268636757.00007FFB9AB00000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9AB00000
|
| Size: |
20480
|
|
|
C65E2FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.917718530.000000C65E2FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C65E2FF000
|
| Size: |
4096
|
|
|
2403130B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000003.1324970324.000002403130B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2403130B000
|
| Size: |
4096
|
|
|
7FFB9AA90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1219167183.00007FFB9AA90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AA90000
|
| Size: |
4096
|
|
|
7F980000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1024852798.000000007F980000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7F980000
|
| Size: |
589824
|
|
|
7FFB9AD60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1152293856.00007FFB9AD60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AD60000
|
| Size: |
36864
|
|
|
1E41AC3A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1163170909.000001E41AC3A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1E41AC3A000
|
| Size: |
4096
|
|
|
67200D3000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.950749802.00000067200D3000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
67200D3000
|
| Size: |
53248
|
|
|
2402CC60000
|
trusted library section
|
page readonly
|
|
|
|
| Name: |
00000016.00000002.2206633846.000002402CC60000.00000002.08000000.00040000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page readonly
|
| Base address: |
2402CC60000
|
| Size: |
65536
|
|
|
3055000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000015.00000002.1228277483.0000000003055000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
3055000
|
| Size: |
4096
|
|
|
235EA2B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.923926565.00000235EA2B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EA2B0000
|
| Size: |
4096
|
|
|
20E24000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1106214675.0000000020E24000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
20E24000
|
| Size: |
8192
|
|
|
2414000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1072315069.0000000002414000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2414000
|
| Size: |
8192
|
|
|
B18BEF9000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.979447066.000000B18BEF9000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B18BEF9000
|
| Size: |
28672
|
|
|
7E580000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1063838753.000000007E580000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7E580000
|
| Size: |
503808
|
|
|
1CC40F2E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980997999.000001CC40F2E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC40F2E000
|
| Size: |
4763648
|
|
|
7EDDF000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1027731781.000000007EDDF000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7EDDF000
|
| Size: |
200704
|
|
|
1E4328E6000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1207759715.000001E4328E6000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
1E4328E6000
|
| Size: |
8192
|
|
|
2C70000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.1058964356.0000000002C70000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C70000
|
| Size: |
32768
|
|
|
BBFDE7F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.947232393.000000BBFDE7F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
BBFDE7F000
|
| Size: |
4096
|
|
|
294A000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1223098111.000000000294A000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
294A000
|
| Size: |
12288
|
|
|
24031200000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2207105706.0000024031200000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24031200000
|
| Size: |
114688
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
7FFB9AAB6000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.956065706.00007FFB9AAB6000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9AAB6000
|
| Size: |
45056
|
|
|
7FFB9ACC0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1246875112.00007FFB9ACC0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9ACC0000
|
| Size: |
65536
|
|
|
E1CDBBC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1004468498.000000E1CDBBC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E1CDBBC000
|
| Size: |
16384
|
|
|
235EA150000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.923585023.00000235EA150000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EA150000
|
| Size: |
147456
|
|
|
24031290000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2207275390.0000024031290000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24031290000
|
| Size: |
192512
|
|
|
20E3A000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1106214675.0000000020E3A000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
20E3A000
|
| Size: |
16384
|
|
|
7FFB9A9F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1218762999.00007FFB9A9F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9A9F0000
|
| Size: |
40960
|
|
|
E1CE9CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1005278085.000000E1CE9CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E1CE9CF000
|
| Size: |
4096
|
|
|
2DA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000017.00000002.1213850018.0000000002DA0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
23
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2DA0000
|
| Size: |
20480
|
|
|
1CC5774E000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1081575449.000001CC5774E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC5774E000
|
| Size: |
221184
|
|
|
2D50000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1041143992.0000000002D50000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2D50000
|
| Size: |
40960
|
|
|
7FFB9AD30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1272926169.00007FFB9AD30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AD30000
|
| Size: |
12288
|
|
|
1E418AD0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1162093463.000001E418AD0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1E418AD0000
|
| Size: |
4096
|
|
|
2B12DE90000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.918036321.000002B12DE90000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12DE90000
|
| Size: |
12288
|
|
|
2B12DF03000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.916753068.000002B12DF03000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12DF03000
|
| Size: |
53248
|
|
|
2402C500000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2206379024.000002402C500000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2402C500000
|
| Size: |
4096
|
|
|
7FFB9AD30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1151493703.00007FFB9AD30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AD30000
|
| Size: |
28672
|
|
|
474000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1217166387.0000000000474000.00000004.00000001.01000000.0000000C.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
474000
|
| Size: |
12288
|
|
|
7FFB9A9E3000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.1267578410.00007FFB9A9E3000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9A9E3000
|
| Size: |
4096
|
|
|
1CC3D780000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980205495.000001CC3D780000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC3D780000
|
| Size: |
20480
|
|
|
1E41ABBD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1163170909.000001E41ABBD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1E41ABBD000
|
| Size: |
331776
|
|
|
20E41000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1106214675.0000000020E41000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
20E41000
|
| Size: |
4096
|
|
|
1CC407B7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980997999.000001CC407B7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC407B7000
|
| Size: |
229376
|
|
|
193B0F01000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.955325957.00000193B0F01000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
193B0F01000
|
| Size: |
69632
|
|
|
2C8A000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1074553091.0000000002C8A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C8A000
|
| Size: |
16384
|
|
|
7E45B000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1047983671.000000007E45B000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7E45B000
|
| Size: |
8192
|
|
|
224C000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1221232272.000000000224C000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
224C000
|
| Size: |
4096
|
|
|
2402BC74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2205793688.000002402BC74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2402BC74000
|
| Size: |
4096
|
|
|
2C9E000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1040964029.0000000002C9E000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
2C9E000
|
| Size: |
8192
|
|
|
67208B9000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.951062464.00000067208B9000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
67208B9000
|
| Size: |
28672
|
|
|
1CC40E47000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980997999.000001CC40E47000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC40E47000
|
| Size: |
143360
|
|
|
7FFC0C610000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000002.918218902.00007FFC0C610000.00000002.00000001.01000000.00000005.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FFC0C610000
|
| Size: |
4096
|
|
|
2C4DFEB0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1008714341.000002C4DFEB0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C4DFEB0000
|
| Size: |
12288
|
|
|
2B12FBF0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.918158660.000002B12FBF0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12FBF0000
|
| Size: |
40960
|
|
|
2403122C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2207160080.000002403122C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2403122C000
|
| Size: |
77824
|
|
|
5EE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1217550294.00000000005EE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5EE000
|
| Size: |
299008
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
1E432AF0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1217442832.000001E432AF0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
1E432AF0000
|
| Size: |
4096
|
|
|
7E500000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1128107840.000000007E500000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7E500000
|
| Size: |
503808
|
|
|
235EA120000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.923499981.00000235EA120000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EA120000
|
| Size: |
32768
|
|
|
1E42A783000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1198486334.000001E42A783000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1E42A783000
|
| Size: |
40960
|
|
|
1CC3D5DD000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.979741419.000001CC3D5DD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC3D5DD000
|
| Size: |
12288
|
|
|
7FFB9AC10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1135859031.00007FFB9AC10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AC10000
|
| Size: |
65536
|
|
|
5A2000
|
unkown
|
page readonly
|
|
|
|
| Name: |
0000000E.00000000.992475294.00000000005A2000.00000002.00000001.01000000.00000008.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
5A2000
|
| Size: |
12288
|
|
|
1CC401CA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980997999.000001CC401CA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC401CA000
|
| Size: |
53248
|
|
|
2402D000000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2206806201.000002402D000000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2402D000000
|
| Size: |
4096
|
|
|
7FFB9AAC6000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.1268380058.00007FFB9AAC6000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9AAC6000
|
| Size: |
65536
|
|
|
193A8CC1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.954631979.00000193A8CC1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
193A8CC1000
|
| Size: |
53248
|
|
|
770000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1037350319.0000000000770000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
770000
|
| Size: |
12288
|
|
|
1CC4035C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980997999.000001CC4035C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC4035C000
|
| Size: |
1994752
|
|
|
779000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1069243919.0000000000779000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
779000
|
| Size: |
4096
|
|
|
7FFB9ACE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1247757253.00007FFB9ACE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9ACE0000
|
| Size: |
20480
|
|
|
1E432B10000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1217584519.000001E432B10000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1E432B10000
|
| Size: |
24576
|
|
|
7FFB9ABD0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.1269270488.00007FFB9ABD0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9ABD0000
|
| Size: |
4096
|
|
|
235EBF2F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.924143740.00000235EBF2F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EBF2F000
|
| Size: |
8192
|
|
|
24031090000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000016.00000003.1217672425.0000024031090000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
24031090000
|
| Size: |
360448
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
7FFB9ACF0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1247891773.00007FFB9ACF0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9ACF0000
|
| Size: |
36864
|
|
|
1E4189DA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1157411971.000001E4189DA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1E4189DA000
|
| Size: |
12288
|
|
|
24031302000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2207498516.0000024031302000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
24031302000
|
| Size: |
4096
|
|
|
1CC57785000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1086422885.000001CC57785000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC57785000
|
| Size: |
20480
|
|
|
5994DFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.923190681.0000005994DFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5994DFE000
|
| Size: |
8192
|
|
|
1CC4F654000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1050453582.000001CC4F654000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC4F654000
|
| Size: |
2576384
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
E1CDD3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1004746185.000000E1CDD3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E1CDD3E000
|
| Size: |
8192
|
|
|
2B12DE70000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.917300605.000002B12DE70000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12DE70000
|
| Size: |
12288
|
|
|
1CC41400000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980997999.000001CC41400000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC41400000
|
| Size: |
12288
|
|
|
2402BBF0000
|
trusted library section
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2205423078.000002402BBF0000.00000004.08000000.00040000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page read and write
|
| Base address: |
2402BBF0000
|
| Size: |
4096
|
|
|
E1CD9FD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.996805791.000000E1CD9FD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E1CD9FD000
|
| Size: |
12288
|
|
|
193A8D33000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.954631979.00000193A8D33000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
193A8D33000
|
| Size: |
40960
|
|
|
4C4E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.2204395154.0000000004C4E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4C4E000
|
| Size: |
8192
|
|
|
672067F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.950910618.000000672067F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
672067F000
|
| Size: |
4096
|
|
|
9EE9BBF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1156960780.0000009EE9BBF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9EE9BBF000
|
| Size: |
4096
|
|
|
1CC4F5E1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1050453582.000001CC4F5E1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC4F5E1000
|
| Size: |
77824
|
|
|
2C4F9D80000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1264289496.000002C4F9D80000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C4F9D80000
|
| Size: |
114688
|
|
|
7FFB9AD00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1272444243.00007FFB9AD00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AD00000
|
| Size: |
8192
|
|
|
7FFB9AC40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.957686769.00007FFB9AC40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AC40000
|
| Size: |
65536
|
|
|
2B12DE87000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.917229403.000002B12DE87000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12DE87000
|
| Size: |
49152
|
|
|
7FFB9ABD0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1133317199.00007FFB9ABD0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9ABD0000
|
| Size: |
65536
|
|
|
2CFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1041088652.0000000002CFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2CFE000
|
| Size: |
8192
|
|
|
1E41A837000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1163170909.000001E41A837000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1E41A837000
|
| Size: |
8192
|
|
|
2FF1000
|
direct allocation
|
page execute read
|
|
|
|
| Name: |
0000000E.00000002.1092221741.0000000002FF1000.00000020.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute read
|
| Base address: |
2FF1000
|
| Size: |
155648
|
|
|
7FFB9AC30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1270130297.00007FFB9AC30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AC30000
|
| Size: |
65536
|
|
|
291F000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1223098111.000000000291F000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
291F000
|
| Size: |
4096
|
|
|
7FFB9AC50000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1270360951.00007FFB9AC50000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AC50000
|
| Size: |
65536
|
|
|
20E7B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1241218067.0000000020E7B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
20E7B000
|
| Size: |
20480
|
|
|
1E418830000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1157246019.000001E418830000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1E418830000
|
| Size: |
4096
|
|
|
2B12DE7B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.917997809.000002B12DE7B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12DE7B000
|
| Size: |
45056
|
|
|
2DEE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000017.00000002.1213871447.0000000002DEE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
23
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2DEE000
|
| Size: |
8192
|
|
|
2E70000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.2203733408.0000000002E70000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E70000
|
| Size: |
4096
|
|
|
6720B3B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.951264019.0000006720B3B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6720B3B000
|
| Size: |
20480
|
|
|
7FFB9ABE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.957354542.00007FFB9ABE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9ABE0000
|
| Size: |
65536
|
|
|
225A000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1221232272.000000000225A000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
225A000
|
| Size: |
8192
|
|
|
7FFB9ABB4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1132491981.00007FFB9ABB4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9ABB4000
|
| Size: |
12288
|
|
|
B18BE77000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.979418109.000000B18BE77000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B18BE77000
|
| Size: |
36864
|
|
|
1CC3FAAD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980997999.000001CC3FAAD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC3FAAD000
|
| Size: |
5779456
|
|
|
B18BBFA000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.979190977.000000B18BBFA000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B18BBFA000
|
| Size: |
24576
|
|
|
2C50000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1040910247.0000000002C50000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C50000
|
| Size: |
4096
|
|
|
235EA1EA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.923893069.00000235EA1EA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EA1EA000
|
| Size: |
4096
|
|
|
2402BBB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2205322320.000002402BBB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2402BBB0000
|
| Size: |
4096
|
|
|
6FBEE7E000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000016.00000002.2204176725.0000006FBEE7E000.00000002.00000001.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
6FBEE7E000
|
| Size: |
4096
|
|
|
2402BAD0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2205265611.000002402BAD0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2402BAD0000
|
| Size: |
4096
|
|
|
2C4F1E86000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1250972115.000002C4F1E86000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C4F1E86000
|
| Size: |
1232896
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
1CC3D5E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.979741419.000001CC3D5E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC3D5E1000
|
| Size: |
4096
|
|
|
20D7C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1240970592.0000000020D7C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
20D7C000
|
| Size: |
16384
|
|
|
240311F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000016.00000003.1217623128.00000240311F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
240311F0000
|
| Size: |
8192
|
|
|
235EA129000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.923499981.00000235EA129000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EA129000
|
| Size: |
135168
|
|
|
2B12DE9D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.918082335.000002B12DE9D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12DE9D000
|
| Size: |
36864
|
|
|
2403125B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2207211203.000002403125B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2403125B000
|
| Size: |
24576
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
7FFB9AAF0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.1130931115.00007FFB9AAF0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9AAF0000
|
| Size: |
53248
|
|
|
2951000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1223098111.0000000002951000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2951000
|
| Size: |
4096
|
|
|
6FBDE7E000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000016.00000002.2202630604.0000006FBDE7E000.00000002.00000001.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
6FBDE7E000
|
| Size: |
4096
|
|
|
2402CC70000
|
trusted library section
|
page readonly
|
|
|
|
| Name: |
00000016.00000002.2206673872.000002402CC70000.00000002.08000000.00040000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page readonly
|
| Base address: |
2402CC70000
|
| Size: |
65536
|
|
|
2B12DEA9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.917117082.000002B12DEA9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12DEA9000
|
| Size: |
212992
|
|
|
2F80000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.1040932064.0000000002F80000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2F80000
|
| Size: |
4096
|
|
|
7FFB9A9E4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1218255370.00007FFB9A9E4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9A9E4000
|
| Size: |
36864
|
|
|
240312FC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2207478612.00000240312FC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
240312FC000
|
| Size: |
4096
|
|
|
2402C400000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2206290722.000002402C400000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2402C400000
|
| Size: |
4096
|
|
|
24031000000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2206828373.0000024031000000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
24031000000
|
| Size: |
4096
|
|
|
240310C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000016.00000003.1217801575.00000240310C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
240310C0000
|
| Size: |
8192
|
|
|
2C4F9F10000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1265831190.000002C4F9F10000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C4F9F10000
|
| Size: |
40960
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
7FFB9ABC2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1221992900.00007FFB9ABC2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9ABC2000
|
| Size: |
4096
|
|
|
7FFB9AD20000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1150942632.00007FFB9AD20000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AD20000
|
| Size: |
4096
|
|
|
7FFC0C630000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1155698403.00007FFC0C630000.00000004.00000001.01000000.00000005.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
7FFC0C630000
|
| Size: |
8192
|
|
|
7FFB9ADE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1153263329.00007FFB9ADE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9ADE0000
|
| Size: |
65536
|
|
|
59952FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.923279502.00000059952FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
59952FE000
|
| Size: |
8192
|
|
|
1F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1068357223.00000000001F0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1F0000
|
| Size: |
4096
|
|
|
2C4E1B4C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1010689137.000002C4E1B4C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C4E1B4C000
|
| Size: |
544768
|
|
|
1CC57720000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1081575449.000001CC57720000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC57720000
|
| Size: |
4096
|
|
|
672083E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.951002238.000000672083E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
672083E000
|
| Size: |
8192
|
|
|
2C4E38FC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1013066820.000002C4E38FC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C4E38FC000
|
| Size: |
8192
|
|
|
20FCF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1241374492.0000000020FCF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
20FCF000
|
| Size: |
4096
|
|
|
1CC4F8CD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1050453582.000001CC4F8CD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC4F8CD000
|
| Size: |
12288
|
|
|
29ED000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1040828889.00000000029ED000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
29ED000
|
| Size: |
12288
|
|
|
1CC3D5D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.979741419.000001CC3D5D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC3D5D1000
|
| Size: |
4096
|
|
|
6FBF37C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2204722360.0000006FBF37C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6FBF37C000
|
| Size: |
16384
|
|
|
1CC57722000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1081575449.000001CC57722000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC57722000
|
| Size: |
176128
|
|
|
2B12DE95000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.918063546.000002B12DE95000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12DE95000
|
| Size: |
24576
|
|
|
301F000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1041323187.000000000301F000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
301F000
|
| Size: |
4096
|
|
|
223D000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1221232272.000000000223D000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
223D000
|
| Size: |
4096
|
|
|
7FFB9ABA0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.1269096862.00007FFB9ABA0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9ABA0000
|
| Size: |
32768
|
|
|
7E120000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1128051312.000000007E120000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7E120000
|
| Size: |
4096
|
|
|
1E418B25000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1162651577.000001E418B25000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1E418B25000
|
| Size: |
20480
|
|
|
240312F3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2207364248.00000240312F3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
240312F3000
|
| Size: |
16384
|
|
|
1CC41405000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980997999.000001CC41405000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC41405000
|
| Size: |
49152
|
|
|
235EA19F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.923803099.00000235EA19F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EA19F000
|
| Size: |
73728
|
|
|
E1CE88E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1005103699.000000E1CE88E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E1CE88E000
|
| Size: |
8192
|
|
|
235EA14B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.923585023.00000235EA14B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EA14B000
|
| Size: |
16384
|
|
|
7FFB9ACC0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.958059022.00007FFB9ACC0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9ACC0000
|
| Size: |
65536
|
|
|
7FFB9AA86000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.955787810.00007FFB9AA86000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AA86000
|
| Size: |
24576
|
|
|
297C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000017.00000002.1213750745.000000000297C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
23
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
297C000
|
| Size: |
16384
|
|
|
9B000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1068184268.000000000009B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9B000
|
| Size: |
20480
|
|
|
2C4E16D3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1009053747.000002C4E16D3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C4E16D3000
|
| Size: |
4096
|
|
|
20FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1220667781.00000000020FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
20FE000
|
| Size: |
8192
|
|
|
1E432928000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1208168943.000001E432928000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1E432928000
|
| Size: |
299008
|
|
|
29D47790000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.947390410.0000029D47790000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29D47790000
|
| Size: |
4096
|
|
|
235EA150000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.922746331.00000235EA150000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EA150000
|
| Size: |
147456
|
|
|
20E16000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1106214675.0000000020E16000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
20E16000
|
| Size: |
4096
|
|
|
235EA174000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.922543626.00000235EA174000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EA174000
|
| Size: |
12288
|
|
|
2B12DDD5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.917858675.000002B12DDD5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12DDD5000
|
| Size: |
24576
|
|
|
2431000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1072315069.0000000002431000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2431000
|
| Size: |
4096
|
|
|
22CC000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1072009930.00000000022CC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
22CC000
|
| Size: |
16384
|
|
|
4BCC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.2204244372.0000000004BCC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4BCC000
|
| Size: |
16384
|
|
|
1E418A17000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1157411971.000001E418A17000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1E418A17000
|
| Size: |
4096
|
|
|
478000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000014.00000002.2202403194.0000000000478000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
478000
|
| Size: |
36864
|
|
|
E1CDC39000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1004571667.000000E1CDC39000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E1CDC39000
|
| Size: |
28672
|
|
|
7FFB9AC30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1136932984.00007FFB9AC30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AC30000
|
| Size: |
65536
|
|
|
2C4E17F5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1010051065.000002C4E17F5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C4E17F5000
|
| Size: |
20480
|
|
|
20ECE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1241318147.0000000020ECE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
20ECE000
|
| Size: |
8192
|
|
|
235EA33B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.917675636.00000235EA33B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EA33B000
|
| Size: |
16384
|
|
|
30C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1041373562.00000000030C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
30C0000
|
| Size: |
8192
|
|
|
2152E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1110771493.000000002152E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2152E000
|
| Size: |
8192
|
|
|
2987000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000015.00000003.1206182891.0000000002987000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2987000
|
| Size: |
4096
|
|
|
1CC579C6000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1089379408.000001CC579C6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC579C6000
|
| Size: |
57344
|
|
|
2958000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1223098111.0000000002958000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2958000
|
| Size: |
12288
|
|
|
240312EB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2207364248.00000240312EB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
240312EB000
|
| Size: |
20480
|
|
|
235EA1B4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.923803099.00000235EA1B4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EA1B4000
|
| Size: |
217088
|
|
|
235EA0B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.923479965.00000235EA0B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EA0B0000
|
| Size: |
8192
|
|
|
400000
|
unkown
|
page readonly
|
|
|
|
| Name: |
0000000E.00000000.991423831.0000000000400000.00000002.00000001.01000000.00000008.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
400000
|
| Size: |
4096
|
|
|
235EA19C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.922717398.00000235EA19C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EA19C000
|
| Size: |
8192
|
|
|
7FFB9AD24000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1150942632.00007FFB9AD24000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AD24000
|
| Size: |
4096
|
|
|
27E5000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.2202790991.00000000027E5000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
27E5000
|
| Size: |
45056
|
|
|
2C4E2902000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1013066820.000002C4E2902000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C4E2902000
|
| Size: |
10141696
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
248E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1074229149.000000000248E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
248E000
|
| Size: |
8192
|
|
|
20E1D000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1106214675.0000000020E1D000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
20E1D000
|
| Size: |
20480
|
|
|
193B0FB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.955429846.00000193B0FB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
193B0FB0000
|
| Size: |
8192
|
|
|
19398CB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.952672197.0000019398CB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
19398CB0000
|
| Size: |
4096
|
|
|
1CC3D820000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980327563.000001CC3D820000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC3D820000
|
| Size: |
16384
|
|
|
20E2C000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1106214675.0000000020E2C000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
20E2C000
|
| Size: |
4096
|
|
|
2C4B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.1058544543.0000000002C4B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C4B000
|
| Size: |
122880
|
|
|
E1CD87D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.996018552.000000E1CD87D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E1CD87D000
|
| Size: |
12288
|
|
|
235EA090000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.923449614.00000235EA090000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EA090000
|
| Size: |
8192
|
|
|
235EA192000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.923731883.00000235EA192000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EA192000
|
| Size: |
20480
|
|
|
2C4DFCD5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1005754277.000002C4DFCD5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C4DFCD5000
|
| Size: |
4096
|
|
|
2C52000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000003.1059025208.0000000002C52000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C52000
|
| Size: |
28672
|
|
|
1CC3F390000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980558738.000001CC3F390000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC3F390000
|
| Size: |
4096
|
|
|
7FFC0C630000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1248305986.00007FFC0C630000.00000004.00000001.01000000.00000005.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
7FFC0C630000
|
| Size: |
8192
|
|
|
7EC90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1033797948.000000007EC90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7EC90000
|
| Size: |
73728
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
7FFB9ABF0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1134720494.00007FFB9ABF0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9ABF0000
|
| Size: |
65536
|
|
|
213EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1110677804.00000000213EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
213EE000
|
| Size: |
8192
|
|
|
20F4F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1110466869.0000000020F4F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
20F4F000
|
| Size: |
4096
|
|
|
655000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1068849147.0000000000655000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
655000
|
| Size: |
12288
|
|
|
7FFB9ABD0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1222069934.00007FFB9ABD0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9ABD0000
|
| Size: |
4096
|
|
|
304C000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1227957786.000000000304C000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
304C000
|
| Size: |
4096
|
|
|
7FB0B000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1005591829.000000007FB0B000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7FB0B000
|
| Size: |
8192
|
|
|
2402C415000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2206353159.000002402C415000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2402C415000
|
| Size: |
4096
|
|
|
2B12DE73000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.917023281.000002B12DE73000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12DE73000
|
| Size: |
16384
|
|
|
21890000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1112013633.0000000021890000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
21890000
|
| Size: |
249856
|
|
|
7FFB9ACE2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1271651498.00007FFB9ACE2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9ACE2000
|
| Size: |
57344
|
|
|
2402CC80000
|
trusted library section
|
page readonly
|
|
|
|
| Name: |
00000016.00000002.2206702648.000002402CC80000.00000002.08000000.00040000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page readonly
|
| Base address: |
2402CC80000
|
| Size: |
65536
|
|
|
1E41A83D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1163170909.000001E41A83D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1E41A83D000
|
| Size: |
208896
|
|
|
2C4E1CC0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.1013034867.000002C4E1CC0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
2C4E1CC0000
|
| Size: |
4096
|
|
|
740000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1220315366.0000000000740000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
740000
|
| Size: |
16384
|
|
|
7E500000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1242740008.000000007E500000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7E500000
|
| Size: |
4096
|
|
|
7FFB9AC50000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1242132123.00007FFB9AC50000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AC50000
|
| Size: |
65536
|
|
|
2188F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1068017861.000000002188F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2188F000
|
| Size: |
4096
|
|
|
2B12DEA9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.917023281.000002B12DEA9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12DEA9000
|
| Size: |
212992
|
|
|
6FBE87E000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000016.00000002.2203401259.0000006FBE87E000.00000002.00000001.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
6FBE87E000
|
| Size: |
4096
|
|
|
2C4E1D59000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1013066820.000002C4E1D59000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C4E1D59000
|
| Size: |
1712128
|
|
|
235EBF10000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.924028935.00000235EBF10000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EBF10000
|
| Size: |
20480
|
|
|
2C4E1CD1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1013066820.000002C4E1CD1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C4E1CD1000
|
| Size: |
544768
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
1E418AB0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1162015608.000001E418AB0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1E418AB0000
|
| Size: |
8192
|
|
|
19398B70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.952196173.0000019398B70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
19398B70000
|
| Size: |
4096
|
|
|
19398E29000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.952695151.0000019398E29000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
19398E29000
|
| Size: |
2162688
|
|
|
7FFB9AD20000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1272585174.00007FFB9AD20000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AD20000
|
| Size: |
65536
|
|
|
1E4328F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1208168943.000001E4328F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1E4328F0000
|
| Size: |
192512
|
|
|
B18C1FB000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.979598366.000000B18C1FB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B18C1FB000
|
| Size: |
20480
|
|
|
E1CD6FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.995608102.000000E1CD6FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E1CD6FE000
|
| Size: |
8192
|
|
|
29D47770000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.947375417.0000029D47770000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29D47770000
|
| Size: |
4096
|
|
|
19398DED000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.952695151.0000019398DED000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
19398DED000
|
| Size: |
208896
|
|
|
19398D0F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.952695151.0000019398D0F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
19398D0F000
|
| Size: |
57344
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
2B12DE8E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.917469868.000002B12DE8E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12DE8E000
|
| Size: |
4096
|
|
|
500F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.2204977498.000000000500F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
500F000
|
| Size: |
4096
|
|
|
7FFB9AC20000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1225264705.00007FFB9AC20000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AC20000
|
| Size: |
65536
|
|
|
242A000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1072315069.000000000242A000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
242A000
|
| Size: |
8192
|
|
|
B18BB7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.979169890.000000B18BB7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B18BB7E000
|
| Size: |
8192
|
|
|
5B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1217514642.00000000005B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5B0000
|
| Size: |
4096
|
|
|
9EE9F3C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1157152006.0000009EE9F3C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9EE9F3C000
|
| Size: |
16384
|
|
|
2402BC7A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2205793688.000002402BC7A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2402BC7A000
|
| Size: |
8192
|
|
|
2A90000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.2202895356.0000000002A90000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A90000
|
| Size: |
4096
|
|
|
91F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1220590991.000000000091F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
91F000
|
| Size: |
4096
|
|
|
7FFB9AD50000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1152200267.00007FFB9AD50000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AD50000
|
| Size: |
16384
|
|
|
2C4E3900000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1013066820.000002C4E3900000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C4E3900000
|
| Size: |
1904640
|
|
|
7FFB9AA2C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.1127301277.00007FFB9AA2C000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9AA2C000
|
| Size: |
4096
|
|
|
3130000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.1041029604.0000000003130000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3130000
|
| Size: |
40960
|
|
|
30A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.1040987704.00000000030A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
30A0000
|
| Size: |
4096
|
|
|
193991EA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.952695151.00000193991EA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
193991EA000
|
| Size: |
4096
|
|
|
7FC07000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1009959257.000000007FC07000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7FC07000
|
| Size: |
8192
|
|
|
7FFC0C611000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000004.00000002.924214176.00007FFC0C611000.00000020.00000001.01000000.00000005.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
7FFC0C611000
|
| Size: |
86016
|
|
|
235EBF15000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.922880616.00000235EBF15000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EBF15000
|
| Size: |
24576
|
|
|
7FFB9AE40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1155167837.00007FFB9AE40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AE40000
|
| Size: |
8192
|
|
|
B18CD4C000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.979699980.000000B18CD4C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B18CD4C000
|
| Size: |
16384
|
|
|
2402BD02000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2206184392.000002402BD02000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2402BD02000
|
| Size: |
45056
|
|
|
672057E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.950881087.000000672057E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
672057E000
|
| Size: |
8192
|
|
|
1CC57650000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.1081240553.000001CC57650000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
1CC57650000
|
| Size: |
4096
|
|
|
2C4E3836000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1013066820.000002C4E3836000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C4E3836000
|
| Size: |
802816
|
|
|
401000
|
unkown
|
page execute read
|
|
|
|
| Name: |
0000000E.00000000.991454723.0000000000401000.00000020.00000001.01000000.00000008.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
401000
|
| Size: |
471040
|
|
|
E1CDE3C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1004901232.000000E1CDE3C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E1CDE3C000
|
| Size: |
16384
|
|
|
7FFB9AC80000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.957883447.00007FFB9AC80000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AC80000
|
| Size: |
65536
|
|
|
5994CFA000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.923169340.0000005994CFA000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5994CFA000
|
| Size: |
24576
|
|
|
2402BCB4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2205907131.000002402BCB4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2402BCB4000
|
| Size: |
36864
|
|
|
1CC57A4C000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1099746349.000001CC57A4C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC57A4C000
|
| Size: |
16384
|
|
|
29D47598000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.947265372.0000029D47598000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29D47598000
|
| Size: |
36864
|
|
|
2253000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1221232272.0000000002253000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2253000
|
| Size: |
4096
|
|
|
59953FD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.923313690.00000059953FD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
59953FD000
|
| Size: |
12288
|
|
|
7E720000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1130427202.000000007E720000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7E720000
|
| Size: |
4096
|
|
|
6FBF1FE000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000016.00000002.2204570353.0000006FBF1FE000.00000002.00000001.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
6FBF1FE000
|
| Size: |
4096
|
|
|
1E432A10000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1217354868.000001E432A10000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1E432A10000
|
| Size: |
8192
|
|
|
475000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000014.00000002.2202403194.0000000000475000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
475000
|
| Size: |
8192
|
|
|
7FFB9ABF0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.957443613.00007FFB9ABF0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9ABF0000
|
| Size: |
65536
|
|
|
1CC3D850000
|
heap
|
page readonly
|
|
|
|
| Name: |
0000000B.00000002.980374136.000001CC3D850000.00000002.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page readonly
|
| Base address: |
1CC3D850000
|
| Size: |
4096
|
|
|
7FFB9A9E4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1267610260.00007FFB9A9E4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9A9E4000
|
| Size: |
36864
|
|
|
1E418990000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1157411971.000001E418990000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1E418990000
|
| Size: |
122880
|
|
|
22F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1072119650.00000000022F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
22F0000
|
| Size: |
16384
|
|
|
7ECE0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1041245330.000000007ECE0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7ECE0000
|
| Size: |
458752
|
|
|
7EB6F000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1130942136.000000007EB6F000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7EB6F000
|
| Size: |
20480
|
|
|
7ECE0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1043026066.000000007ECE0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7ECE0000
|
| Size: |
458752
|
|
|
7F7D0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1139999968.000000007F7D0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7F7D0000
|
| Size: |
4096
|
|
|
2402CC90000
|
trusted library section
|
page readonly
|
|
|
|
| Name: |
00000016.00000002.2206728447.000002402CC90000.00000002.08000000.00040000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page readonly
|
| Base address: |
2402CC90000
|
| Size: |
65536
|
|
|
2943000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000015.00000002.1223098111.0000000002943000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
21
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2943000
|
| Size: |
4096
|
|
|
235EA1EA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.921683935.00000235EA1EA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EA1EA000
|
| Size: |
4096
|
|
|
1CC3F5E1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980997999.000001CC3F5E1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC3F5E1000
|
| Size: |
528384
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
1CC579FA000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1098457544.000001CC579FA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC579FA000
|
| Size: |
49152
|
|
|
6FBDD77000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2202510820.0000006FBDD77000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6FBDD77000
|
| Size: |
36864
|
|
|
1E41AC15000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1163170909.000001E41AC15000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1E41AC15000
|
| Size: |
147456
|
|
|
2C4F1CD1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1250972115.000002C4F1CD1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C4F1CD1000
|
| Size: |
53248
|
|
|
7FFB9AC30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.957631729.00007FFB9AC30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AC30000
|
| Size: |
65536
|
|
|
19398DEA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.952695151.0000019398DEA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
19398DEA000
|
| Size: |
8192
|
|
|
235EA18D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.921683935.00000235EA18D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
235EA18D000
|
| Size: |
147456
|
|
|
67209BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.951151776.00000067209BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
67209BE000
|
| Size: |
8192
|
|
|
6FBEAFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2203730522.0000006FBEAFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6FBEAFE000
|
| Size: |
8192
|
|
|
7FCB0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1147336234.000000007FCB0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7FCB0000
|
| Size: |
4096
|
|
|
7FFB9AC90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1140152641.00007FFB9AC90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AC90000
|
| Size: |
8192
|
|
|
2403130A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2207498516.000002403130A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2403130A000
|
| Size: |
4096
|
|
|
7DF40A640000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.1106110030.00007DF40A640000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7DF40A640000
|
| Size: |
4096
|
|
|
216B2000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1110951097.00000000216B2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
216B2000
|
| Size: |
12288
|
|
|
2C4E16D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1009053747.000002C4E16D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C4E16D0000
|
| Size: |
8192
|
|
|
250E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1074368939.000000000250E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
250E000
|
| Size: |
8192
|
|
|
7FFB9A9E0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1124757849.00007FFB9A9E0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9A9E0000
|
| Size: |
40960
|
|
|
1CC3D8A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980493770.000001CC3D8A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC3D8A0000
|
| Size: |
16384
|
|
|
774000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1037350319.0000000000774000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
774000
|
| Size: |
24576
|
|
|
7FA10000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1141181658.000000007FA10000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7FA10000
|
| Size: |
4096
|
|
|
1CC3D61C000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.979741419.000001CC3D61C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC3D61C000
|
| Size: |
471040
|
|
|
BBFDBBD000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.947212768.000000BBFDBBD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
BBFDBBD000
|
| Size: |
12288
|
|
|
E1CE94E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1005234843.000000E1CE94E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E1CE94E000
|
| Size: |
8192
|
|
|
7FFB9AA96000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1219226241.00007FFB9AA96000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AA96000
|
| Size: |
24576
|
|
|
2B12FC02000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.918178303.000002B12FC02000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B12FC02000
|
| Size: |
36864
|
|
|
4FCE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.2204919219.0000000004FCE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4FCE000
|
| Size: |
8192
|
|
|
4D4F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.2204557374.0000000004D4F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4D4F000
|
| Size: |
4096
|
|
|
6FBE9FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2203574901.0000006FBE9FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6FBE9FE000
|
| Size: |
8192
|
|
|
7FFC0C630000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1273288062.00007FFC0C630000.00000004.00000001.01000000.00000005.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
7FFC0C630000
|
| Size: |
8192
|
|
|
1CC40545000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.980997999.000001CC40545000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC40545000
|
| Size: |
8192
|
|
|
1939916F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.952695151.000001939916F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1939916F000
|
| Size: |
331776
|
|
|
4C0D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000014.00000002.2204313791.0000000004C0D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
20
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4C0D000
|
| Size: |
12288
|
|
|
6FBE77B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2203334975.0000006FBE77B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6FBE77B000
|
| Size: |
20480
|
|
|
7EC70000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1018392803.000000007EC70000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7EC70000
|
| Size: |
24576
|
|
|
B18BD7D000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.979357500.000000B18BD7D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B18BD7D000
|
| Size: |
12288
|
|
|
2402C55A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000016.00000003.1326746221.000002402C55A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2402C55A000
|
| Size: |
4096
|
|
|
6FBEDFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000016.00000002.2204106247.0000006FBEDFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
22
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6FBEDFE000
|
| Size: |
8192
|
|
|
7EDDF000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1132324849.000000007EDDF000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7EDDF000
|
| Size: |
200704
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
2C4E343A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1013066820.000002C4E343A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C4E343A000
|
| Size: |
184320
|
|
|
1E418910000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1157275932.000001E418910000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1E418910000
|
| Size: |
12288
|
|
