|
5A2000
|
unkown
|
page readonly
|
 |
|
|
| Name: |
00000000.00000000.1305806244.00000000005A2000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
5A2000
|
| Size: |
77824
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected XWorm |
Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara signature match |
System Summary |
|
|
|
285A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2574895544.000000000285A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
285A000
|
| Size: |
81920
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected XWorm |
Stealing of Sensitive Information, Remote Access Functionality |
|
|
|
2811000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2574895544.0000000002811000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2811000
|
| Size: |
294912
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected XWorm |
Stealing of Sensitive Information, Remote Access Functionality |
|
| Tries to detect sandboxes and other dynamic analysis tools (process name or module or function) |
Malware Analysis System Evasion |
Security Software Discovery
|
| URLs found in memory or binary data |
Networking |
|
|
|
6930ABE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1716556589.0000006930ABE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6930ABE000
|
| Size: |
8192
|
|
|
B561179000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1382139698.000000B561179000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B561179000
|
| Size: |
28672
|
|
|
18A95E37000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1725569105.0000018A95E37000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18A95E37000
|
| Size: |
3911680
|
|
|
C5E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2573861192.0000000000C5E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C5E000
|
| Size: |
8192
|
|
|
1C230000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2606302508.000000001C230000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C230000
|
| Size: |
12288
|
|
|
1BB90000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2154564255.000000001BB90000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1BB90000
|
| Size: |
4096
|
|
|
18A92E36000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1718048931.0000018A92E36000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
18A92E36000
|
| Size: |
4096
|
|
|
23E2FEC5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1443264477.0000023E2FEC5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E2FEC5000
|
| Size: |
40960
|
|
|
7FF88B168000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1913288617.00007FF88B168000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B168000
|
| Size: |
4096
|
|
|
7FF88B220000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1698345918.00007FF88B220000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B220000
|
| Size: |
65536
|
|
|
16415BC0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1563604678.0000016415BC0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16415BC0000
|
| Size: |
4096
|
|
|
ACE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2569915043.0000000000ACE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
ACE000
|
| Size: |
28672
|
|
|
7FF88AEC0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1409730151.00007FF88AEC0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AEC0000
|
| Size: |
8192
|
|
|
13AB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1969706018.00000000013AB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
13AB000
|
| Size: |
4096
|
|
|
7FF88B240000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1914645240.00007FF88B240000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B240000
|
| Size: |
36864
|
|
|
18AACE31000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1894261619.0000018AACE31000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
18AACE31000
|
| Size: |
4096
|
|
|
1400000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2150215065.0000000001400000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1400000
|
| Size: |
4096
|
|
|
18AAD072000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1898095553.0000018AAD072000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
18AAD072000
|
| Size: |
8192
|
|
|
DBCAD7D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1440113049.000000DBCAD7D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
DBCAD7D000
|
| Size: |
12288
|
|
|
16427731000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1665100657.0000016427731000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16427731000
|
| Size: |
57344
|
|
|
23E32F91000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1446317394.0000023E32F91000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
23E32F91000
|
| Size: |
3940352
|
|
|
7FF88B17C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1413160978.00007FF88B17C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B17C000
|
| Size: |
8192
|
|
|
1B30F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2432943511.000000001B30F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1B30F000
|
| Size: |
4096
|
|
|
7FF88AE14000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2607052709.00007FF88AE14000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AE14000
|
| Size: |
12288
|
|
|
1642FE0A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1688721081.000001642FE0A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1642FE0A000
|
| Size: |
135168
|
|
|
1642779D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1665100657.000001642779D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1642779D000
|
| Size: |
2576384
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
BD6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2428909124.0000000000BD6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
BD6000
|
| Size: |
4096
|
|
|
1CC0B38B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1383585834.000001CC0B38B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC0B38B000
|
| Size: |
53248
|
|
|
16427740000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1665100657.0000016427740000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16427740000
|
| Size: |
16384
|
|
|
18AA4D74000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1864752183.0000018AA4D74000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18AA4D74000
|
| Size: |
1765376
|
|
|
1CC22CBB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405766045.000001CC22CBB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC22CBB000
|
| Size: |
8192
|
|
|
7FF88AFBA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1530535850.00007FF88AFBA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AFBA000
|
| Size: |
24576
|
|
|
7FF88AF20000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1530241024.00007FF88AF20000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AF20000
|
| Size: |
53248
|
|
|
1CC22C25000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1404932876.000001CC22C25000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC22C25000
|
| Size: |
4096
|
|
|
7FF88AFBA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1906609146.00007FF88AFBA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AFBA000
|
| Size: |
24576
|
|
|
DBCA7E3000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1439644265.000000DBCA7E3000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
DBCA7E3000
|
| Size: |
53248
|
|
|
18A95788000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1725569105.0000018A95788000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18A95788000
|
| Size: |
458752
|
|
|
7FF88B1D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1697586459.00007FF88B1D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B1D0000
|
| Size: |
65536
|
|
|
7FF88B134000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1696622608.00007FF88B134000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B134000
|
| Size: |
4096
|
|
|
1CC0C5C1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1383585834.000001CC0C5C1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC0C5C1000
|
| Size: |
12288
|
|
|
18AA4ADC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1864752183.0000018AA4ADC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18AA4ADC000
|
| Size: |
2576384
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
7FF88B210000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1413576452.00007FF88B210000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B210000
|
| Size: |
65536
|
|
|
DBCBC0C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1440552518.000000DBCBC0C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
DBCBC0C000
|
| Size: |
16384
|
|
|
1B5AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2601717044.000000001B5AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1B5AE000
|
| Size: |
8192
|
|
|
23E2FD21000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1441725676.0000023E2FD21000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E2FD21000
|
| Size: |
24576
|
|
|
23E41EBD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1510749043.0000023E41EBD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
23E41EBD000
|
| Size: |
16384
|
|
|
23E41BD1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1510749043.0000023E41BD1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
23E41BD1000
|
| Size: |
77824
|
|
|
23E49F20000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1526501844.0000023E49F20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E49F20000
|
| Size: |
53248
|
|
|
ACC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2569915043.0000000000ACC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
ACC000
|
| Size: |
4096
|
|
|
DBCBB8E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1440501912.000000DBCBB8E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
DBCBB8E000
|
| Size: |
8192
|
|
|
18A95D1C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1725569105.0000018A95D1C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18A95D1C000
|
| Size: |
385024
|
|
|
16415BF0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1563604678.0000016415BF0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16415BF0000
|
| Size: |
12288
|
|
|
23E32807000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1446317394.0000023E32807000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
23E32807000
|
| Size: |
880640
|
|
|
1CC1A811000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1398600459.000001CC1A811000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC1A811000
|
| Size: |
2576384
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
13873C70000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1932341185.0000013873C70000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
13873C70000
|
| Size: |
28672
|
|
|
7FF88AE0D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1529257533.00007FF88AE0D000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AE0D000
|
| Size: |
12288
|
|
|
7FF88AE6C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.2078029365.00007FF88AE6C000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AE6C000
|
| Size: |
4096
|
|
|
1CC0BAA9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1383585834.000001CC0BAA9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC0BAA9000
|
| Size: |
749568
|
|
|
7FF88B010000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1907771454.00007FF88B010000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B010000
|
| Size: |
65536
|
|
|
7FF88AEF6000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1409943037.00007FF88AEF6000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AEF6000
|
| Size: |
86016
|
|
|
13E0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2150113485.00000000013E0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
13E0000
|
| Size: |
4096
|
|
|
1CC1A7C1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1398600459.000001CC1A7C1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC1A7C1000
|
| Size: |
8192
|
|
|
BE0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2428909124.0000000000BE0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
BE0000
|
| Size: |
32768
|
|
|
7FF88B0B0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1695263190.00007FF88B0B0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B0B0000
|
| Size: |
65536
|
|
|
1265000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2071831907.0000000001265000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1265000
|
| Size: |
8192
|
|
|
1642FE39000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1688721081.000001642FE39000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1642FE39000
|
| Size: |
4096
|
|
|
7FF88B230000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1914583434.00007FF88B230000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88B230000
|
| Size: |
4096
|
|
|
7FF88B162000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1534923337.00007FF88B162000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B162000
|
| Size: |
20480
|
|
|
18AA4AA1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1864752183.0000018AA4AA1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18AA4AA1000
|
| Size: |
221184
|
|
|
36FF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2153840211.00000000036FF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36FF000
|
| Size: |
4096
|
|
|
1CC22ED1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1406602316.000001CC22ED1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC22ED1000
|
| Size: |
36864
|
|
|
294C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2432232800.000000000294C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
294C000
|
| Size: |
8192
|
|
|
7FF88B0F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1911934206.00007FF88B0F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B0F0000
|
| Size: |
65536
|
|
|
7FF88AFE4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1907084061.00007FF88AFE4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AFE4000
|
| Size: |
12288
|
|
|
1B79D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2601953015.000000001B79D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B79D000
|
| Size: |
4096
|
|
|
7FF88B178000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1413160978.00007FF88B178000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B178000
|
| Size: |
12288
|
|
|
AF1000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2428353269.0000000000AF1000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
AF1000
|
| Size: |
61440
|
|
|
FE8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2068557995.0000000000FE8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
FE8000
|
| Size: |
4096
|
|
|
7FF88B160000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1697179186.00007FF88B160000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B160000
|
| Size: |
65536
|
|
|
7FF88B220000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1536201225.00007FF88B220000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B220000
|
| Size: |
65536
|
|
|
23E2FC60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1440992926.0000023E2FC60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
23E2FC60000
|
| Size: |
16384
|
|
|
23E49F73000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1527243236.0000023E49F73000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E49F73000
|
| Size: |
20480
|
|
|
1026000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2068557995.0000000001026000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1026000
|
| Size: |
4096
|
|
|
18AACF90000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1897844923.0000018AACF90000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
18AACF90000
|
| Size: |
36864
|
|
|
8F1000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2569443447.00000000008F1000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8F1000
|
| Size: |
61440
|
|
|
A40000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2569839396.0000000000A40000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A40000
|
| Size: |
12288
|
|
|
146F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2072076744.000000000146F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
146F000
|
| Size: |
4096
|
|
|
DBCAB7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1439946785.000000DBCAB7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
DBCAB7E000
|
| Size: |
8192
|
|
|
7FF88B1E0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1697837686.00007FF88B1E0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B1E0000
|
| Size: |
4096
|
|
|
14C9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2150371541.00000000014C9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14C9000
|
| Size: |
4096
|
|
|
23E31DF9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1446317394.0000023E31DF9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
23E31DF9000
|
| Size: |
2764800
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
290F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2432149696.000000000290F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
290F000
|
| Size: |
4096
|
|
|
1CC08F70000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1383390348.000001CC08F70000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC08F70000
|
| Size: |
16384
|
|
|
1CC08C9E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1382643877.000001CC08C9E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC08C9E000
|
| Size: |
8192
|
|
|
18A9570C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1725569105.0000018A9570C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18A9570C000
|
| Size: |
503808
|
|
|
7FF88AE10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1529289957.00007FF88AE10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AE10000
|
| Size: |
40960
|
|
|
18A959DE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1725569105.0000018A959DE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18A959DE000
|
| Size: |
8192
|
|
|
7FF88AE02000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1529096291.00007FF88AE02000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AE02000
|
| Size: |
4096
|
|
|
B60000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2428746747.0000000000B60000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B60000
|
| Size: |
12288
|
|
|
7FF88AFD0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1530729819.00007FF88AFD0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AFD0000
|
| Size: |
24576
|
|
|
18AACDB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1892575874.0000018AACDB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
18AACDB0000
|
| Size: |
69632
|
|
|
1CC1AA98000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1398600459.000001CC1AA98000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC1AA98000
|
| Size: |
4096
|
|
|
23E319D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1446067221.0000023E319D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E319D0000
|
| Size: |
4096
|
|
|
7FF88AF80000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1690868889.00007FF88AF80000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AF80000
|
| Size: |
4096
|
|
|
1B4EF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2433091806.000000001B4EF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1B4EF000
|
| Size: |
4096
|
|
|
23E2FD01000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1441725676.0000023E2FD01000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E2FD01000
|
| Size: |
4096
|
|
|
23E3343A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1446317394.0000023E3343A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
23E3343A000
|
| Size: |
147456
|
|
|
7FF88AED0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.2607752418.00007FF88AED0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AED0000
|
| Size: |
4096
|
|
|
16418A2C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1566545629.0000016418A2C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16418A2C000
|
| Size: |
45056
|
|
|
16418854000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1566545629.0000016418854000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16418854000
|
| Size: |
737280
|
|
|
DBCAC7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1440026282.000000DBCAC7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
DBCAC7E000
|
| Size: |
8192
|
|
|
1CC22EE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1406602316.000001CC22EE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC22EE1000
|
| Size: |
176128
|
|
|
7FF88B180000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1913816803.00007FF88B180000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B180000
|
| Size: |
16384
|
|
|
1B1A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2601352623.000000001B1A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B1A0000
|
| Size: |
8192
|
|
|
7FF88AFB2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2078314507.00007FF88AFB2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AFB2000
|
| Size: |
12288
|
|
|
7FF88AFE4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1530799390.00007FF88AFE4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AFE4000
|
| Size: |
12288
|
|
|
C60000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2573910262.0000000000C60000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
C60000
|
| Size: |
12288
|
|
|
7FF88AEE6000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1905671976.00007FF88AEE6000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AEE6000
|
| Size: |
86016
|
|
|
7DF4BEE70000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1529066165.00007DF4BEE70000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7DF4BEE70000
|
| Size: |
4096
|
|
|
4999038000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1560582035.0000004999038000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4999038000
|
| Size: |
32768
|
|
|
286F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2574895544.000000000286F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
286F000
|
| Size: |
12288
|
|
|
4999E8C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1561203059.0000004999E8C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4999E8C000
|
| Size: |
16384
|
|
|
16415A5A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1561521084.0000016415A5A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16415A5A000
|
| Size: |
479232
|
|
|
6930473000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1714751786.0000006930473000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6930473000
|
| Size: |
53248
|
|
|
7FF88B260000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1536813578.00007FF88B260000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B260000
|
| Size: |
65536
|
|
|
1641907B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1566545629.000001641907B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1641907B000
|
| Size: |
3563520
|
|
|
DBCB13E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1440433802.000000DBCB13E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
DBCB13E000
|
| Size: |
8192
|
|
|
18A95D7D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1725569105.0000018A95D7D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18A95D7D000
|
| Size: |
749568
|
|
|
7FF88AE10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2433602075.00007FF88AE10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AE10000
|
| Size: |
4096
|
|
|
1B6A5000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2601765532.000000001B6A5000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1B6A5000
|
| Size: |
45056
|
|
|
4998CFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1560060936.0000004998CFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4998CFE000
|
| Size: |
8192
|
|
|
16418337000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1566545629.0000016418337000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16418337000
|
| Size: |
561152
|
|
|
18AA4A91000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1864752183.0000018AA4A91000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18AA4A91000
|
| Size: |
8192
|
|
|
18A954C4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1725569105.0000018A954C4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18A954C4000
|
| Size: |
1744896
|
|
|
4998A72000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1559718107.0000004998A72000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4998A72000
|
| Size: |
57344
|
|
|
7FF88AE1D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1409565407.00007FF88AE1D000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AE1D000
|
| Size: |
12288
|
|
|
7FF88B010000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1411182650.00007FF88B010000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B010000
|
| Size: |
65536
|
|
|
7FF88AE0D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000010.00000002.1975929092.00007FF88AE0D000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AE0D000
|
| Size: |
4096
|
|
|
18A94A71000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1725569105.0000018A94A71000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18A94A71000
|
| Size: |
528384
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
18A92DD0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1717778457.0000018A92DD0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
18A92DD0000
|
| Size: |
12288
|
|
|
1CC08BC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1382578416.000001CC08BC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC08BC0000
|
| Size: |
16384
|
|
|
18A92DE0000
|
trusted library section
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1718005346.0000018A92DE0000.00000004.08000000.00040000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page read and write
|
| Base address: |
18A92DE0000
|
| Size: |
4096
|
|
|
4999E0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1561167265.0000004999E0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4999E0E000
|
| Size: |
8192
|
|
|
1CC08E10000
|
trusted library section
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1383001765.000001CC08E10000.00000004.08000000.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page read and write
|
| Base address: |
1CC08E10000
|
| Size: |
4096
|
|
|
AD6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2569915043.0000000000AD6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD6000
|
| Size: |
561152
|
|
|
7FF88B170000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1697431207.00007FF88B170000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B170000
|
| Size: |
45056
|
|
|
1154F8F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1932199738.0000001154F8F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1154F8F000
|
| Size: |
4096
|
|
|
1CC22D80000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1406268361.000001CC22D80000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
1CC22D80000
|
| Size: |
20480
|
|
|
7FF88B100000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1412773223.00007FF88B100000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B100000
|
| Size: |
65536
|
|
|
1641832D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1566545629.000001641832D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1641832D000
|
| Size: |
36864
|
|
|
7FF88B250000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1914818318.00007FF88B250000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B250000
|
| Size: |
4096
|
|
|
7FF88AFB2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2608105680.00007FF88AFB2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AFB2000
|
| Size: |
49152
|
|
|
18AAD1CC000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1903413036.0000018AAD1CC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
18AAD1CC000
|
| Size: |
12288
|
|
|
1B74E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2601953015.000000001B74E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B74E000
|
| Size: |
159744
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| AV process strings found (often used to terminate AV products) |
Lowering of HIPS / PFW / Operating System Security Settings |
Security Software Discovery
|
|
|
7FF88AEC6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2607695045.00007FF88AEC6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AEC6000
|
| Size: |
4096
|
|
|
7FF88B130000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1534383518.00007FF88B130000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B130000
|
| Size: |
4096
|
|
|
7FF88AFF0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1530894845.00007FF88AFF0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AFF0000
|
| Size: |
45056
|
|
|
7FF88AFC4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1691550835.00007FF88AFC4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AFC4000
|
| Size: |
12288
|
|
|
7FF88B139000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1696622608.00007FF88B139000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B139000
|
| Size: |
28672
|
|
|
B5614BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1382283921.000000B5614BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B5614BE000
|
| Size: |
8192
|
|
|
1CC22CE5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1406057818.000001CC22CE5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC22CE5000
|
| Size: |
12288
|
|
|
164189D7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1566545629.00000164189D7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
164189D7000
|
| Size: |
344064
|
|
|
1642FA70000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1680633412.000001642FA70000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1642FA70000
|
| Size: |
253952
|
|
|
DBCB03F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1440392049.000000DBCB03F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
DBCB03F000
|
| Size: |
4096
|
|
|
23E41C3F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1510749043.0000023E41C3F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
23E41C3F000
|
| Size: |
2576384
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
7FF88AFF0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1692074891.00007FF88AFF0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AFF0000
|
| Size: |
65536
|
|
|
6931789000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1717198764.0000006931789000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6931789000
|
| Size: |
28672
|
|
|
18AACE1F000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1894261619.0000018AACE1F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
18AACE1F000
|
| Size: |
69632
|
|
|
1CC0B8C3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1383585834.000001CC0B8C3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC0B8C3000
|
| Size: |
745472
|
|
|
B56230C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1382519559.000000B56230C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B56230C000
|
| Size: |
4096
|
|
|
23E33519000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1446317394.0000023E33519000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
23E33519000
|
| Size: |
24576
|
|
|
1CC22F0D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1406602316.000001CC22F0D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC22F0D000
|
| Size: |
466944
|
|
|
7FF88B164000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1413079528.00007FF88B164000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B164000
|
| Size: |
4096
|
|
|
B5610FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1382115821.000000B5610FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B5610FE000
|
| Size: |
8192
|
|
|
B90000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2067987528.0000000000B90000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B90000
|
| Size: |
4096
|
|
|
1CC2306C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1408602951.000001CC2306C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC2306C000
|
| Size: |
12288
|
|
|
BCB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2428909124.0000000000BCB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
BCB000
|
| Size: |
40960
|
|
|
FC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2149618185.0000000000FC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
FC0000
|
| Size: |
12288
|
|
|
18AAD080000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1898095553.0000018AAD080000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
18AAD080000
|
| Size: |
659456
|
|
|
1B2AA000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2601482695.000000001B2AA000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1B2AA000
|
| Size: |
24576
|
|
|
140F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1969706018.000000000140F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
140F000
|
| Size: |
40960
|
|
|
1C840000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2606784617.000000001C840000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C840000
|
| Size: |
4096
|
|
|
7FF88B0B0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1910913863.00007FF88B0B0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B0B0000
|
| Size: |
65536
|
|
|
693067A000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1715246445.000000693067A000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
693067A000
|
| Size: |
24576
|
|
|
7FF88B0D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1695747900.00007FF88B0D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B0D0000
|
| Size: |
65536
|
|
|
1642FD03000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1684148086.000001642FD03000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1642FD03000
|
| Size: |
8192
|
|
|
7FF88B120000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1534269924.00007FF88B120000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B120000
|
| Size: |
16384
|
|
|
7FF88B233000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1698569063.00007FF88B233000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B233000
|
| Size: |
53248
|
|
|
7FF88AE0D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000013.00000002.2433552223.00007FF88AE0D000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AE0D000
|
| Size: |
4096
|
|
|
18AA4A71000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1864752183.0000018AA4A71000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18AA4A71000
|
| Size: |
77824
|
|
|
7FF88AE96000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1690051080.00007FF88AE96000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AE96000
|
| Size: |
24576
|
|
|
7FF88B160000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1913288617.00007FF88B160000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B160000
|
| Size: |
4096
|
|
|
7DF413250000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1689436170.00007DF413250000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7DF413250000
|
| Size: |
4096
|
|
|
13873E85000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1933361256.0000013873E85000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
13873E85000
|
| Size: |
12288
|
|
|
7FF88AE1D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.2607110639.00007FF88AE1D000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AE1D000
|
| Size: |
12288
|
|
|
23E31840000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1444689516.0000023E31840000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E31840000
|
| Size: |
126976
|
|
|
164177AA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1566545629.00000164177AA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
164177AA000
|
| Size: |
1732608
|
|
|
23E2FEC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1443264477.0000023E2FEC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E2FEC0000
|
| Size: |
16384
|
|
|
7FF88B0D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1911419322.00007FF88B0D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B0D0000
|
| Size: |
65536
|
|
|
7FF88B290000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1414119173.00007FF88B290000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B290000
|
| Size: |
65536
|
|
|
23E32BD4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1446317394.0000023E32BD4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
23E32BD4000
|
| Size: |
176128
|
|
|
7FF88B230000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1698569063.00007FF88B230000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B230000
|
| Size: |
4096
|
|
|
1CC08EA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1383254212.000001CC08EA0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC08EA0000
|
| Size: |
12288
|
|
|
16415A57000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1561521084.0000016415A57000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16415A57000
|
| Size: |
8192
|
|
|
1CC22D87000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1406268361.000001CC22D87000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
1CC22D87000
|
| Size: |
12288
|
|
|
499923B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1560855408.000000499923B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
499923B000
|
| Size: |
20480
|
|
|
7FF88AE20000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1409598066.00007FF88AE20000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AE20000
|
| Size: |
40960
|
|
|
1650000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1973763785.0000000001650000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1650000
|
| Size: |
8192
|
|
|
1CC22F80000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1407647838.000001CC22F80000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC22F80000
|
| Size: |
495616
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
7FF88B203000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1413471876.00007FF88B203000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B203000
|
| Size: |
53248
|
|
|
7FF88AF20000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1906059566.00007FF88AF20000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AF20000
|
| Size: |
53248
|
|
|
7FF88B020000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1692789510.00007FF88B020000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B020000
|
| Size: |
65536
|
|
|
1642FCFF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1684148086.000001642FCFF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1642FCFF000
|
| Size: |
4096
|
|
|
7FF88B0E0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1412592493.00007FF88B0E0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B0E0000
|
| Size: |
65536
|
|
|
1CC08F00000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1383356741.000001CC08F00000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC08F00000
|
| Size: |
4096
|
|
|
12941000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2432650876.0000000012941000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12941000
|
| Size: |
4096
|
|
|
1CC22CAF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405766045.000001CC22CAF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC22CAF000
|
| Size: |
4096
|
|
|
1642FB4B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1682763109.000001642FB4B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1642FB4B000
|
| Size: |
147456
|
|
|
1B8E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2075142582.000000001B8E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B8E0000
|
| Size: |
4096
|
|
|
1AECE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2432868509.000000001AECE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1AECE000
|
| Size: |
8192
|
|
|
23E2FAE0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1440871339.0000023E2FAE0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E2FAE0000
|
| Size: |
4096
|
|
|
7FF88B000000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1411064098.00007FF88B000000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88B000000
|
| Size: |
45056
|
|
|
DBCAF3A000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1440290632.000000DBCAF3A000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
DBCAF3A000
|
| Size: |
24576
|
|
|
7FF88AFCA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1410402105.00007FF88AFCA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AFCA000
|
| Size: |
24576
|
|
|
1CC0B3A1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1383585834.000001CC0B3A1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC0B3A1000
|
| Size: |
28672
|
|
|
1642FC70000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1684148086.000001642FC70000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1642FC70000
|
| Size: |
258048
|
|
|
2E20000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2072438376.0000000002E20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E20000
|
| Size: |
4096
|
|
|
7FF88AE00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1689944226.00007FF88AE00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AE00000
|
| Size: |
4096
|
|
|
7FF88B0D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1533090782.00007FF88B0D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B0D0000
|
| Size: |
65536
|
|
|
18AAD075000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1898095553.0000018AAD075000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
18AAD075000
|
| Size: |
12288
|
|
|
4999D89000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1561090199.0000004999D89000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4999D89000
|
| Size: |
28672
|
|
|
1CC1A7D1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1398600459.000001CC1A7D1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC1A7D1000
|
| Size: |
241664
|
|
|
2FAF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1974239975.0000000002FAF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2FAF000
|
| Size: |
4096
|
|
|
23E31860000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1444878003.0000023E31860000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E31860000
|
| Size: |
16384
|
|
|
7FF88B100000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1533943088.00007FF88B100000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B100000
|
| Size: |
24576
|
|
|
693180C000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1717355719.000000693180C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
693180C000
|
| Size: |
16384
|
|
|
7FF88B010000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1531177260.00007FF88B010000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B010000
|
| Size: |
65536
|
|
|
18A96872000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1725569105.0000018A96872000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18A96872000
|
| Size: |
118784
|
|
|
FF0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2068557995.0000000000FF0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
FF0000
|
| Size: |
36864
|
|
|
2930000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2432187810.0000000002930000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2930000
|
| Size: |
4096
|
|
|
30CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1974330957.00000000030CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
30CF000
|
| Size: |
4096
|
|
|
F20000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2068450505.0000000000F20000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
F20000
|
| Size: |
4096
|
|
|
1BFEA000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2606042849.000000001BFEA000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1BFEA000
|
| Size: |
24576
|
|
|
1642FAB2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1680633412.000001642FAB2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1642FAB2000
|
| Size: |
8192
|
|
|
1CC1A7A1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1398600459.000001CC1A7A1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC1A7A1000
|
| Size: |
77824
|
|
|
1A840000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2601169680.000000001A840000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1A840000
|
| Size: |
4096
|
|
|
7FF88ADE4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1689559440.00007FF88ADE4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88ADE4000
|
| Size: |
36864
|
|
|
16417680000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1566333969.0000016417680000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
16417680000
|
| Size: |
20480
|
|
|
23E318CB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1445358279.0000023E318CB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E318CB000
|
| Size: |
188416
|
|
|
14DA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2150371541.00000000014DA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14DA000
|
| Size: |
4096
|
|
|
7FF88B226000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1914395791.00007FF88B226000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B226000
|
| Size: |
40960
|
|
|
FFA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2068557995.0000000000FFA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
FFA000
|
| Size: |
4096
|
|
|
7FF88AEA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2433707429.00007FF88AEA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AEA0000
|
| Size: |
4096
|
|
|
16415C70000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1563832673.0000016415C70000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16415C70000
|
| Size: |
4096
|
|
|
16415930000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1561405085.0000016415930000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16415930000
|
| Size: |
8192
|
|
|
1CC0A750000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1383482733.000001CC0A750000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC0A750000
|
| Size: |
12288
|
|
|
23E2FD4E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1441725676.0000023E2FD4E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E2FD4E000
|
| Size: |
360448
|
|
|
164159DF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1561521084.00000164159DF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
164159DF000
|
| Size: |
180224
|
|
|
136F8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2154303866.00000000136F8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
136F8000
|
| Size: |
4096
|
|
|
BB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2068038120.0000000000BB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
BB0000
|
| Size: |
4096
|
|
|
1C73A000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2606621276.000000001C73A000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1C73A000
|
| Size: |
24576
|
|
|
18A92FE0000
|
trusted library section
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1721381981.0000018A92FE0000.00000004.08000000.00040000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page read and write
|
| Base address: |
18A92FE0000
|
| Size: |
4096
|
|
|
7FF88B110000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1912579049.00007FF88B110000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B110000
|
| Size: |
61440
|
|
|
312C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1974483735.000000000312C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
312C000
|
| Size: |
40960
|
|
|
1642FB1F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1682763109.000001642FB1F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1642FB1F000
|
| Size: |
155648
|
|
|
B56210D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1382431159.000000B56210D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B56210D000
|
| Size: |
12288
|
|
|
7FF88B0F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1696220203.00007FF88B0F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B0F0000
|
| Size: |
49152
|
|
|
BD8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2428909124.0000000000BD8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
BD8000
|
| Size: |
4096
|
|
|
28C1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2574895544.00000000028C1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
28C1000
|
| Size: |
4804608
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
7FF88AE30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2607471742.00007FF88AE30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AE30000
|
| Size: |
4096
|
|
|
DBCB1BB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1440462478.000000DBCB1BB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
DBCB1BB000
|
| Size: |
20480
|
|
|
7FF88AFD0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1691665364.00007FF88AFD0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AFD0000
|
| Size: |
45056
|
|
|
280F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2574857018.000000000280F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
280F000
|
| Size: |
4096
|
|
|
1CC0C007000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1383585834.000001CC0C007000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC0C007000
|
| Size: |
147456
|
|
|
23E319C7000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1445965101.0000023E319C7000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
23E319C7000
|
| Size: |
12288
|
|
|
1BE3F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1975694734.000000001BE3F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1BE3F000
|
| Size: |
4096
|
|
|
23E2FC80000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1441073733.0000023E2FC80000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
23E2FC80000
|
| Size: |
4096
|
|
|
1BD9F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2154673298.000000001BD9F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1BD9F000
|
| Size: |
4096
|
|
|
7FF88B190000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1535630575.00007FF88B190000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B190000
|
| Size: |
36864
|
|
|
1CC22CB3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405766045.000001CC22CB3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC22CB3000
|
| Size: |
24576
|
|
|
164F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1973713214.000000000164F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
164F000
|
| Size: |
4096
|
|
|
7FF88AF00000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1690688009.00007FF88AF00000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AF00000
|
| Size: |
53248
|
|
|
1B3E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2433042780.000000001B3E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B3E0000
|
| Size: |
4096
|
|
|
7FF88B133000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1534431658.00007FF88B133000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B133000
|
| Size: |
28672
|
|
|
2EA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1974183681.0000000002EA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EA0000
|
| Size: |
4096
|
|
|
1CC22FFB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1407647838.000001CC22FFB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC22FFB000
|
| Size: |
4096
|
|
|
7FF88B280000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1537130242.00007FF88B280000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B280000
|
| Size: |
65536
|
|
|
DBCBE0D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1440798924.000000DBCBE0D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
DBCBE0D000
|
| Size: |
12288
|
|
|
18AA4D5A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1864752183.0000018AA4D5A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18AA4D5A000
|
| Size: |
4096
|
|
|
DBCADF9000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1440146494.000000DBCADF9000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
DBCADF9000
|
| Size: |
28672
|
|
|
7FF88AE04000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2433400205.00007FF88AE04000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AE04000
|
| Size: |
24576
|
|
|
B56228D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1382495968.000000B56228D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B56228D000
|
| Size: |
12288
|
|
|
4998AFF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1559874160.0000004998AFF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4998AFF000
|
| Size: |
4096
|
|
|
1BCED000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2605920027.000000001BCED000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1BCED000
|
| Size: |
12288
|
|
|
FB0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000010.00000002.1969101095.0000000000FB0000.00000002.00000001.01000000.00000009.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
FB0000
|
| Size: |
4096
|
|
|
134C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1969706018.000000000134C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
134C000
|
| Size: |
118784
|
|
|
23E4A030000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1528642064.0000023E4A030000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E4A030000
|
| Size: |
40960
|
|
|
1CC22CA7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405766045.000001CC22CA7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC22CA7000
|
| Size: |
8192
|
|
|
FC5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2149618185.0000000000FC5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
FC5000
|
| Size: |
8192
|
|
|
23E32624000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1446317394.0000023E32624000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
23E32624000
|
| Size: |
1785856
|
|
|
7FF88B050000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1531792582.00007FF88B050000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B050000
|
| Size: |
65536
|
|
|
23E33461000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1446317394.0000023E33461000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
23E33461000
|
| Size: |
749568
|
|
|
13E9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1969706018.00000000013E9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
13E9000
|
| Size: |
126976
|
|
|
7FF88B0A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1412226446.00007FF88B0A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B0A0000
|
| Size: |
65536
|
|
|
69306FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1715373686.00000069306FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
69306FE000
|
| Size: |
8192
|
|
|
23E33522000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1446317394.0000023E33522000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
23E33522000
|
| Size: |
4763648
|
|
|
6930BBE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1716644197.0000006930BBE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6930BBE000
|
| Size: |
8192
|
|
|
1CC0C02E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1383585834.000001CC0C02E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC0C02E000
|
| Size: |
778240
|
|
|
1B5EF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2433138585.000000001B5EF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1B5EF000
|
| Size: |
4096
|
|
|
13121000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1975216579.0000000013121000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
13121000
|
| Size: |
4096
|
|
|
1CC23068000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1408602951.000001CC23068000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC23068000
|
| Size: |
12288
|
|
|
23E41BF1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1510749043.0000023E41BF1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
23E41BF1000
|
| Size: |
8192
|
|
|
1C83E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2606730944.000000001C83E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1C83E000
|
| Size: |
8192
|
|
|
AA3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2569915043.0000000000AA3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AA3000
|
| Size: |
16384
|
|
|
23E32C8C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1446317394.0000023E32C8C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
23E32C8C000
|
| Size: |
397312
|
|
|
7FF88AE12000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1409411908.00007FF88AE12000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AE12000
|
| Size: |
4096
|
|
|
2941000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2432232800.0000000002941000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2941000
|
| Size: |
40960
|
|
|
16415BA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1563547236.0000016415BA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16415BA0000
|
| Size: |
4096
|
|
|
3021000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2072548566.0000000003021000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3021000
|
| Size: |
20480
|
|
|
7FF88B200000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1413471876.00007FF88B200000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B200000
|
| Size: |
8192
|
|
|
18AAD3E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1904011463.0000018AAD3E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
18AAD3E0000
|
| Size: |
4096
|
|
|
7FF88B100000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1696399560.00007FF88B100000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B100000
|
| Size: |
16384
|
|
|
7FF88AE13000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000012.00000002.2154731890.00007FF88AE13000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AE13000
|
| Size: |
4096
|
|
|
23E327D9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1446317394.0000023E327D9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
23E327D9000
|
| Size: |
184320
|
|
|
7FF88AED0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.2078116619.00007FF88AED0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AED0000
|
| Size: |
4096
|
|
|
7FF88AE21000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2154827686.00007FF88AE21000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AE21000
|
| Size: |
4096
|
|
|
18AACEF7000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1897481108.0000018AACEF7000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
18AACEF7000
|
| Size: |
12288
|
|
|
18A94A20000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1725465408.0000018A94A20000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
18A94A20000
|
| Size: |
4096
|
|
|
F05000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2574546326.0000000000F05000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F05000
|
| Size: |
32768
|
|
|
18A95C4D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1725569105.0000018A95C4D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18A95C4D000
|
| Size: |
229376
|
|
|
36F1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2153840211.00000000036F1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36F1000
|
| Size: |
40960
|
|
|
18A93135000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1722023123.0000018A93135000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
18A93135000
|
| Size: |
40960
|
|
|
6930C3C000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1716699114.0000006930C3C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6930C3C000
|
| Size: |
16384
|
|
|
18A95C86000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1725569105.0000018A95C86000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18A95C86000
|
| Size: |
249856
|
|
|
1B130000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.2601315173.000000001B130000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
1B130000
|
| Size: |
4096
|
|
|
4998F38000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1560390501.0000004998F38000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4998F38000
|
| Size: |
32768
|
|
|
1CC08C8A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1382643877.000001CC08C8A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC08C8A000
|
| Size: |
4096
|
|
|
136F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2072027261.000000000136F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
136F000
|
| Size: |
4096
|
|
|
1CC08E70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1383224198.000001CC08E70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC08E70000
|
| Size: |
65536
|
|
|
DBCBD89000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1440701652.000000DBCBD89000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
DBCBD89000
|
| Size: |
28672
|
|
|
1CB3C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2606815832.000000001CB3C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1CB3C000
|
| Size: |
16384
|
|
|
B560FFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1382067132.000000B560FFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B560FFE000
|
| Size: |
8192
|
|
|
7FF88B070000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1532099199.00007FF88B070000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B070000
|
| Size: |
65536
|
|
|
23E32ED6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1446317394.0000023E32ED6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
23E32ED6000
|
| Size: |
225280
|
|
|
18A959D9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1725569105.0000018A959D9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18A959D9000
|
| Size: |
12288
|
|
|
7FF88B260000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1413917149.00007FF88B260000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B260000
|
| Size: |
65536
|
|
|
16418183000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1566545629.0000016418183000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16418183000
|
| Size: |
1740800
|
|
|
7FF88B050000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1693496717.00007FF88B050000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B050000
|
| Size: |
65536
|
|
|
B560E73000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1382005557.000000B560E73000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B560E73000
|
| Size: |
53248
|
|
|
1BBAE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1975523869.000000001BBAE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1BBAE000
|
| Size: |
8192
|
|
|
23E41C01000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1510749043.0000023E41C01000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
23E41C01000
|
| Size: |
233472
|
|
|
7E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2428310799.00000000007E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7E0000
|
| Size: |
4096
|
|
|
7FF88B110000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1696474657.00007FF88B110000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B110000
|
| Size: |
4096
|
|
|
1860000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1974016677.0000000001860000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1860000
|
| Size: |
4096
|
|
|
23E2FCD2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1441269915.0000023E2FCD2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E2FCD2000
|
| Size: |
8192
|
|
|
13018000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2073377513.0000000013018000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
13018000
|
| Size: |
4096
|
|
|
18A957FA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1725569105.0000018A957FA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18A957FA000
|
| Size: |
1957888
|
|
|
23E2FD05000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1441725676.0000023E2FD05000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E2FD05000
|
| Size: |
4096
|
|
|
1642FE00000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1688629588.000001642FE00000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1642FE00000
|
| Size: |
24576
|
|
|
1CC0C57C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1383585834.000001CC0C57C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC0C57C000
|
| Size: |
139264
|
|
|
1AD9C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2601238782.000000001AD9C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1AD9C000
|
| Size: |
16384
|
|
|
1B6AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1975404053.000000001B6AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1B6AE000
|
| Size: |
8192
|
|
|
18A92DF0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1718048931.0000018A92DF0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
18A92DF0000
|
| Size: |
28672
|
|
|
DBCB0BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1440414085.000000DBCB0BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
DBCB0BF000
|
| Size: |
4096
|
|
|
7FF88AF82000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1690868889.00007FF88AF82000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AF82000
|
| Size: |
57344
|
|
|
16418FBA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1566545629.0000016418FBA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16418FBA000
|
| Size: |
778240
|
|
|
7FF88B160000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1534923337.00007FF88B160000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B160000
|
| Size: |
4096
|
|
|
16418739000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1566545629.0000016418739000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16418739000
|
| Size: |
176128
|
|
|
7FF88AE30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1409678219.00007FF88AE30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AE30000
|
| Size: |
4096
|
|
|
7FF88AE3C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1689974000.00007FF88AE3C000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AE3C000
|
| Size: |
4096
|
|
|
23E2FCE2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1441603534.0000023E2FCE2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E2FCE2000
|
| Size: |
20480
|
|
|
7FF88B240000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1536523932.00007FF88B240000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B240000
|
| Size: |
36864
|
|
|
1CC1AA8E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1398600459.000001CC1AA8E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC1AA8E000
|
| Size: |
20480
|
|
|
13123000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1975216579.0000000013123000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
13123000
|
| Size: |
12288
|
|
|
7FF88B060000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1909372229.00007FF88B060000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B060000
|
| Size: |
65536
|
|
|
18A959EA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1725569105.0000018A959EA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18A959EA000
|
| Size: |
49152
|
|
|
16415900000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1561311449.0000016415900000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16415900000
|
| Size: |
4096
|
|
|
164176B0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1566451013.00000164176B0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
164176B0000
|
| Size: |
4096
|
|
|
693168C000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1716881478.000000693168C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
693168C000
|
| Size: |
16384
|
|
|
7FF88B080000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1694214786.00007FF88B080000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B080000
|
| Size: |
65536
|
|
|
4998FBA000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1560481685.0000004998FBA000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4998FBA000
|
| Size: |
24576
|
|
|
1CC0BF22000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1383585834.000001CC0BF22000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC0BF22000
|
| Size: |
929792
|
|
|
7FF88AED6000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000013.00000002.2433768779.00007FF88AED6000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AED6000
|
| Size: |
4096
|
|
|
18A95CC4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1725569105.0000018A95CC4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18A95CC4000
|
| Size: |
352256
|
|
|
1CC0A790000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1383535425.000001CC0A790000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
1CC0A790000
|
| Size: |
4096
|
|
|
7FF88B070000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1411873524.00007FF88B070000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B070000
|
| Size: |
65536
|
|
|
1AC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2153563194.0000000001AC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1AC0000
|
| Size: |
4096
|
|
|
D70000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2574101881.0000000000D70000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D70000
|
| Size: |
4096
|
|
|
18A959F7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1725569105.0000018A959F7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18A959F7000
|
| Size: |
1290240
|
|
|
7FF88AFE2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1907084061.00007FF88AFE2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AFE2000
|
| Size: |
4096
|
|
|
DBCABF9000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1439973962.000000DBCABF9000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
DBCABF9000
|
| Size: |
28672
|
|
|
B80000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2428870303.0000000000B80000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
B80000
|
| Size: |
4096
|
|
|
499913E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1560780778.000000499913E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
499913E000
|
| Size: |
8192
|
|
|
1CC3C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2606905208.000000001CC3C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1CC3C000
|
| Size: |
16384
|
|
|
7FF88B101000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1912360415.00007FF88B101000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B101000
|
| Size: |
20480
|
|
|
18AA4D5C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1864752183.0000018AA4D5C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18AA4D5C000
|
| Size: |
12288
|
|
|
1CC0A7A1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1383585834.000001CC0A7A1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC0A7A1000
|
| Size: |
540672
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
7FF88B0C7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1911237397.00007FF88B0C7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B0C7000
|
| Size: |
16384
|
|
|
23E318A8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1444878003.0000023E318A8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E318A8000
|
| Size: |
12288
|
|
|
7FF88AE04000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1529169073.00007FF88AE04000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AE04000
|
| Size: |
36864
|
|
|
BED000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2428909124.0000000000BED000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
BED000
|
| Size: |
8192
|
|
|
7FF88AFA2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1906339223.00007FF88AFA2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AFA2000
|
| Size: |
57344
|
|
|
13011000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2073377513.0000000013011000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
13011000
|
| Size: |
4096
|
|
|
7FF88B142000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1696799329.00007FF88B142000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B142000
|
| Size: |
20480
|
|
|
1CC08E60000
|
heap
|
page readonly
|
|
|
|
| Name: |
00000002.00000002.1383200416.000001CC08E60000.00000002.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page readonly
|
| Base address: |
1CC08E60000
|
| Size: |
4096
|
|
|
69308BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1716002058.00000069308BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
69308BE000
|
| Size: |
8192
|
|
|
7FF88AE20000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1529664236.00007FF88AE20000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AE20000
|
| Size: |
4096
|
|
|
16417432000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1564311564.0000016417432000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16417432000
|
| Size: |
798720
|
|
|
1CC22CE9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1406057818.000001CC22CE9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC22CE9000
|
| Size: |
24576
|
|
|
23E318AC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1444878003.0000023E318AC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E318AC000
|
| Size: |
16384
|
|
|
18AACEF0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1897481108.0000018AACEF0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
18AACEF0000
|
| Size: |
20480
|
|
|
14C6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2150371541.00000000014C6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14C6000
|
| Size: |
8192
|
|
|
7FF88AF30000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.2607808322.00007FF88AF30000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AF30000
|
| Size: |
65536
|
|
|
23E339AE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1446317394.0000023E339AE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
23E339AE000
|
| Size: |
143360
|
|
|
4998EBE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1560338651.0000004998EBE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4998EBE000
|
| Size: |
8192
|
|
|
1BD3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1975636914.000000001BD3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1BD3E000
|
| Size: |
8192
|
|
|
F60000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2149347793.0000000000F60000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F60000
|
| Size: |
4096
|
|
|
1154E89000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1932008999.0000001154E89000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1154E89000
|
| Size: |
28672
|
|
|
16415C85000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1563868607.0000016415C85000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16415C85000
|
| Size: |
40960
|
|
|
FF0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000013.00000002.2431931536.0000000000FF0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
FF0000
|
| Size: |
4096
|
|
|
1642FABB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1680633412.000001642FABB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1642FABB000
|
| Size: |
258048
|
|
|
1CC0A9C9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1383585834.000001CC0A9C9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC0A9C9000
|
| Size: |
2764800
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
B560EFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1382027156.000000B560EFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B560EFE000
|
| Size: |
8192
|
|
|
A60000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2569915043.0000000000A60000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A60000
|
| Size: |
45056
|
|
|
1311000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1969161089.0000000001311000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1311000
|
| Size: |
61440
|
|
|
7FF88AFB0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2078314507.00007FF88AFB0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AFB0000
|
| Size: |
4096
|
|
|
2700000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2574824829.0000000002700000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2700000
|
| Size: |
4096
|
|
|
18AAD178000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1898095553.0000018AAD178000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
18AAD178000
|
| Size: |
45056
|
|
|
16417720000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1566511414.0000016417720000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
16417720000
|
| Size: |
4096
|
|
|
7FF88AE6C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1409699703.00007FF88AE6C000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AE6C000
|
| Size: |
4096
|
|
|
1B3A0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000013.00000002.2432988478.000000001B3A0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
1B3A0000
|
| Size: |
4096
|
|
|
7FF88B250000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1698846844.00007FF88B250000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B250000
|
| Size: |
65536
|
|
|
1642FCF7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1684148086.000001642FCF7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1642FCF7000
|
| Size: |
4096
|
|
|
1670000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1973820017.0000000001670000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1670000
|
| Size: |
4096
|
|
|
23E31970000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1445928617.0000023E31970000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
23E31970000
|
| Size: |
4096
|
|
|
B56208E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1382389176.000000B56208E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B56208E000
|
| Size: |
8192
|
|
|
18A92D70000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1717565299.0000018A92D70000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
18A92D70000
|
| Size: |
20480
|
|
|
4998D77000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1560099270.0000004998D77000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4998D77000
|
| Size: |
36864
|
|
|
1642FCDB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1684148086.000001642FCDB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1642FCDB000
|
| Size: |
8192
|
|
|
7FF88B159000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1534635313.00007FF88B159000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B159000
|
| Size: |
28672
|
|
|
23E32CEF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1446317394.0000023E32CEF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
23E32CEF000
|
| Size: |
741376
|
|
|
1CC08C48000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1382643877.000001CC08C48000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC08C48000
|
| Size: |
40960
|
|
|
23E3167B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1443437992.0000023E3167B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E3167B000
|
| Size: |
798720
|
|
|
7FF88B000000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1531007928.00007FF88B000000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B000000
|
| Size: |
65536
|
|
|
F7F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2431890991.0000000000F7F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
F7F000
|
| Size: |
4096
|
|
|
7FF88AEB6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1529771272.00007FF88AEB6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AEB6000
|
| Size: |
24576
|
|
|
7FF88AE3B000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.2607540648.00007FF88AE3B000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AE3B000
|
| Size: |
4096
|
|
|
18A9668E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1725569105.0000018A9668E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18A9668E000
|
| Size: |
1826816
|
|
|
B5612BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1382200548.000000B5612BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B5612BE000
|
| Size: |
8192
|
|
|
18AACDC2000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1892575874.0000018AACDC2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
18AACDC2000
|
| Size: |
258048
|
|
|
23E4A000000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1527243236.0000023E4A000000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E4A000000
|
| Size: |
16384
|
|
|
7FF88B0D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1412504920.00007FF88B0D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B0D0000
|
| Size: |
65536
|
|
|
1C53A000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2606458698.000000001C53A000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1C53A000
|
| Size: |
24576
|
|
|
7FF88B165000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1913288617.00007FF88B165000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B165000
|
| Size: |
4096
|
|
|
EC0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2574134300.0000000000EC0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
EC0000
|
| Size: |
8192
|
|
|
7FF88AE1B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1904588827.00007FF88AE1B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AE1B000
|
| Size: |
4096
|
|
|
18A930A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1721745516.0000018A930A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18A930A0000
|
| Size: |
65536
|
|
|
23E33355000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1446317394.0000023E33355000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
23E33355000
|
| Size: |
929792
|
|
|
7FF88AE23000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2607220997.00007FF88AE23000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AE23000
|
| Size: |
40960
|
|
|
14D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2150371541.00000000014D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D1000
|
| Size: |
32768
|
|
|
7FF88AE5C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1904816354.00007FF88AE5C000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AE5C000
|
| Size: |
4096
|
|
|
1CC23063000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1408602951.000001CC23063000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC23063000
|
| Size: |
8192
|
|
|
16418AC9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1566545629.0000016418AC9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16418AC9000
|
| Size: |
163840
|
|
|
1B3AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2601612843.000000001B3AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1B3AE000
|
| Size: |
8192
|
|
|
14C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2072160915.00000000014C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14C0000
|
| Size: |
12288
|
|
|
1642FAAF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1680633412.000001642FAAF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1642FAAF000
|
| Size: |
8192
|
|
|
DBCAFB8000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1440335639.000000DBCAFB8000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
DBCAFB8000
|
| Size: |
32768
|
|
|
141D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1969706018.000000000141D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
141D000
|
| Size: |
12288
|
|
|
7FF88AE03000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000010.00000002.1975845169.00007FF88AE03000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AE03000
|
| Size: |
4096
|
|
|
B560F7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1382046138.000000B560F7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B560F7E000
|
| Size: |
8192
|
|
|
7FF88B060000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1693736756.00007FF88B060000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B060000
|
| Size: |
65536
|
|
|
1642FCD2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1684148086.000001642FCD2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1642FCD2000
|
| Size: |
32768
|
|
|
7FF88AEB0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000013.00000002.2433738383.00007FF88AEB0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AEB0000
|
| Size: |
4096
|
|
|
16427A1B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1665100657.0000016427A1B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16427A1B000
|
| Size: |
16384
|
|
|
1CC0BA49000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1383585834.000001CC0BA49000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC0BA49000
|
| Size: |
380928
|
|
|
152C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2150371541.000000000152C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
152C000
|
| Size: |
233472
|
|
|
4998BFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1559937717.0000004998BFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4998BFE000
|
| Size: |
8192
|
|
|
7FF88AFE8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1530799390.00007FF88AFE8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AFE8000
|
| Size: |
4096
|
|
|
3701000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2153840211.0000000003701000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3701000
|
| Size: |
20480
|
|
|
7FF88B050000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1909067433.00007FF88B050000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B050000
|
| Size: |
65536
|
|
|
18A959E2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1725569105.0000018A959E2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18A959E2000
|
| Size: |
12288
|
|
|
1381000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1969706018.0000000001381000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1381000
|
| Size: |
8192
|
|
|
23E2FCC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1441269915.0000023E2FCC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E2FCC0000
|
| Size: |
69632
|
|
|
7FF88ADED000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1689690429.00007FF88ADED000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88ADED000
|
| Size: |
12288
|
|
|
1346000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1969706018.0000000001346000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1346000
|
| Size: |
20480
|
|
|
1C0E8000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2606149627.000000001C0E8000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1C0E8000
|
| Size: |
32768
|
|
|
136A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1969706018.000000000136A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
136A000
|
| Size: |
4096
|
|
|
16427AAB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1665100657.0000016427AAB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16427AAB000
|
| Size: |
1282048
|
|
|
23E4A060000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1528975272.0000023E4A060000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E4A060000
|
| Size: |
4096
|
|
|
1CC08CC7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1382643877.000001CC08CC7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC08CC7000
|
| Size: |
8192
|
|
|
7FF88B090000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1694503681.00007FF88B090000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B090000
|
| Size: |
65536
|
|
|
18A92E38000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1718048931.0000018A92E38000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
18A92E38000
|
| Size: |
4096
|
|
|
A6C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2569915043.0000000000A6C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A6C000
|
| Size: |
122880
|
|
|
7FF88B150000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1697020820.00007FF88B150000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B150000
|
| Size: |
40960
|
|
|
7FF88B0C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1412410316.00007FF88B0C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B0C0000
|
| Size: |
65536
|
|
|
2951000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2432232800.0000000002951000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2951000
|
| Size: |
20480
|
|
|
7FF88AE6C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.2607605119.00007FF88AE6C000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AE6C000
|
| Size: |
12288
|
|
|
69309B8000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1716271846.00000069309B8000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
69309B8000
|
| Size: |
32768
|
|
|
7FF88AFC8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1691550835.00007FF88AFC8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AFC8000
|
| Size: |
4096
|
|
|
1642FAFB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1680633412.000001642FAFB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1642FAFB000
|
| Size: |
36864
|
|
|
7FF88B090000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1532394624.00007FF88B090000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B090000
|
| Size: |
65536
|
|
|
4999D0A000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1561012274.0000004999D0A000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4999D0A000
|
| Size: |
24576
|
|
|
7FF88AE1B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1529289957.00007FF88AE1B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AE1B000
|
| Size: |
4096
|
|
|
23E41EB8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1510749043.0000023E41EB8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
23E41EB8000
|
| Size: |
12288
|
|
|
7FF88B0F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1533640502.00007FF88B0F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B0F0000
|
| Size: |
65536
|
|
|
16415A11000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1561521084.0000016415A11000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16415A11000
|
| Size: |
4096
|
|
|
13AD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1969706018.00000000013AD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
13AD000
|
| Size: |
8192
|
|
|
6930777000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1715484442.0000006930777000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6930777000
|
| Size: |
36864
|
|
|
BB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2428909124.0000000000BB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
BB0000
|
| Size: |
28672
|
|
|
7FF88AF20000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000010.00000002.1976388767.00007FF88AF20000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AF20000
|
| Size: |
12288
|
|
|
23E32E74000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1446317394.0000023E32E74000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
23E32E74000
|
| Size: |
389120
|
|
|
B56163E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1382347169.000000B56163E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B56163E000
|
| Size: |
8192
|
|
|
7FF88B080000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1411985833.00007FF88B080000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B080000
|
| Size: |
65536
|
|
|
23E2FD0D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1441725676.0000023E2FD0D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E2FD0D000
|
| Size: |
4096
|
|
|
18A95B33000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1725569105.0000018A95B33000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18A95B33000
|
| Size: |
393216
|
|
|
1C540000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2606577014.000000001C540000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C540000
|
| Size: |
8192
|
|
|
1BAA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1975476859.000000001BAA0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1BAA0000
|
| Size: |
4096
|
|
|
7FF88B070000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1909655532.00007FF88B070000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B070000
|
| Size: |
65536
|
|
|
1CC23054000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1408602951.000001CC23054000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC23054000
|
| Size: |
53248
|
|
|
7C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2428263247.00000000007C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7C0000
|
| Size: |
4096
|
|
|
16415A13000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1561521084.0000016415A13000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16415A13000
|
| Size: |
20480
|
|
|
294F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2432232800.000000000294F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
294F000
|
| Size: |
4096
|
|
|
164159D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1561521084.00000164159D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
164159D0000
|
| Size: |
57344
|
|
|
23E31865000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1444878003.0000023E31865000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E31865000
|
| Size: |
8192
|
|
|
16427751000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1665100657.0000016427751000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16427751000
|
| Size: |
8192
|
|
|
7FF88AE04000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1975882595.00007FF88AE04000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AE04000
|
| Size: |
4096
|
|
|
1BCE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2153597824.0000000001BCE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1BCE000
|
| Size: |
8192
|
|
|
7FF88AFF2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1410841908.00007FF88AFF2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AFF2000
|
| Size: |
4096
|
|
|
22DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2153760438.00000000022DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
22DE000
|
| Size: |
8192
|
|
|
6930939000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1716081988.0000006930939000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6930939000
|
| Size: |
28672
|
|
|
164183C1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1566545629.00000164183C1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
164183C1000
|
| Size: |
929792
|
|
|
23E319E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1446088467.0000023E319E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E319E0000
|
| Size: |
4096
|
|
|
B5615BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1382327844.000000B5615BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B5615BE000
|
| Size: |
8192
|
|
|
7FF88B16C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1913288617.00007FF88B16C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B16C000
|
| Size: |
8192
|
|
|
7FF88ADFD000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000013.00000002.2433291503.00007FF88ADFD000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88ADFD000
|
| Size: |
4096
|
|
|
7FF88AE10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1904588827.00007FF88AE10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AE10000
|
| Size: |
40960
|
|
|
7FF88B110000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1534059563.00007FF88B110000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B110000
|
| Size: |
57344
|
|
|
23E32F0E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1446317394.0000023E32F0E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
23E32F0E000
|
| Size: |
520192
|
|
|
1642FDD9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1686178634.000001642FDD9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1642FDD9000
|
| Size: |
36864
|
|
|
7FF88B040000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1411598292.00007FF88B040000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B040000
|
| Size: |
65536
|
|
|
7FF88AEB0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1904881409.00007FF88AEB0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AEB0000
|
| Size: |
8192
|
|
|
23E2FD07000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1441725676.0000023E2FD07000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E2FD07000
|
| Size: |
4096
|
|
|
7FF88AE20000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2076995257.00007FF88AE20000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AE20000
|
| Size: |
8192
|
|
|
1642FCB6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1684148086.000001642FCB6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1642FCB6000
|
| Size: |
110592
|
|
|
18A94AF5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1725569105.0000018A94AF5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18A94AF5000
|
| Size: |
1687552
|
|
|
693057E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1715007147.000000693057E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
693057E000
|
| Size: |
8192
|
|
|
136F1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2154303866.00000000136F1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
136F1000
|
| Size: |
4096
|
|
|
18A96897000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1725569105.0000018A96897000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18A96897000
|
| Size: |
49152
|
|
|
DBCBC8E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1440618621.000000DBCBC8E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
DBCBC8E000
|
| Size: |
8192
|
|
|
23E2FBE0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1440947511.0000023E2FBE0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E2FBE0000
|
| Size: |
8192
|
|
|
7FF88B270000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1915377286.00007FF88B270000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B270000
|
| Size: |
8192
|
|
|
B562187000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1382454883.000000B562187000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B562187000
|
| Size: |
36864
|
|
|
7FF88AE2D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.2077925719.00007FF88AE2D000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AE2D000
|
| Size: |
4096
|
|
|
7FF88B256000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1914818318.00007FF88B256000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B256000
|
| Size: |
40960
|
|
|
7FF88B220000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1413664133.00007FF88B220000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B220000
|
| Size: |
65536
|
|
|
1CC08BE0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1382604171.000001CC08BE0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC08BE0000
|
| Size: |
8192
|
|
|
1CC0B399000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1383585834.000001CC0B399000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC0B399000
|
| Size: |
28672
|
|
|
7FF88B20C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1535870881.00007FF88B20C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B20C000
|
| Size: |
16384
|
|
|
164184A5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1566545629.00000164184A5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
164184A5000
|
| Size: |
2691072
|
|
|
1CC08CCA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1382643877.000001CC08CCA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC08CCA000
|
| Size: |
479232
|
|
|
7FF88AEF6000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000012.00000002.2155170623.00007FF88AEF6000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AEF6000
|
| Size: |
4096
|
|
|
7FF88AE1D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.2076950615.00007FF88AE1D000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AE1D000
|
| Size: |
4096
|
|
|
7FF88B280000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1915441763.00007FF88B280000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B280000
|
| Size: |
65536
|
|
|
18A93020000
|
heap
|
page readonly
|
|
|
|
| Name: |
0000000A.00000002.1721570049.0000018A93020000.00000002.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page readonly
|
| Base address: |
18A93020000
|
| Size: |
4096
|
|
|
E7F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2431853131.0000000000E7F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E7F000
|
| Size: |
4096
|
|
|
23E32C00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1446317394.0000023E32C00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
23E32C00000
|
| Size: |
569344
|
|
|
7FF88AFC2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1691550835.00007FF88AFC2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AFC2000
|
| Size: |
4096
|
|
|
7FF88AEBC000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1905088419.00007FF88AEBC000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AEBC000
|
| Size: |
61440
|
|
|
7FF88AFC0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1906921821.00007FF88AFC0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AFC0000
|
| Size: |
4096
|
|
|
693188E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1717451677.000000693188E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
693188E000
|
| Size: |
8192
|
|
|
1B782000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2601953015.000000001B782000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B782000
|
| Size: |
106496
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| AV process strings found (often used to terminate AV products) |
Lowering of HIPS / PFW / Operating System Security Settings |
Security Software Discovery
|
|
|
18A94A50000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1725500821.0000018A94A50000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
18A94A50000
|
| Size: |
4096
|
|
|
7FF88B1FC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1914082977.00007FF88B1FC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B1FC000
|
| Size: |
8192
|
|
|
18AACE4B000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1894261619.0000018AACE4B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
18AACE4B000
|
| Size: |
4096
|
|
|
7FF88AECC000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.2607723183.00007FF88AECC000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AECC000
|
| Size: |
4096
|
|
|
12943000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2432650876.0000000012943000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12943000
|
| Size: |
12288
|
|
|
7FF88ADFB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1689751702.00007FF88ADFB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88ADFB000
|
| Size: |
4096
|
|
|
7FF88ADF3000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000013.00000002.2433200036.00007FF88ADF3000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88ADF3000
|
| Size: |
4096
|
|
|
7FF88AE14000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1976024704.00007FF88AE14000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AE14000
|
| Size: |
24576
|
|
|
3121000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1974483735.0000000003121000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3121000
|
| Size: |
40960
|
|
|
16415BB0000
|
heap
|
page readonly
|
|
|
|
| Name: |
00000008.00000002.1563575176.0000016415BB0000.00000002.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page readonly
|
| Base address: |
16415BB0000
|
| Size: |
4096
|
|
|
16417580000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1566181485.0000016417580000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16417580000
|
| Size: |
12288
|
|
|
4999F0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1561266216.0000004999F0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4999F0E000
|
| Size: |
8192
|
|
|
1CC0C5A1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1383585834.000001CC0C5A1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC0C5A1000
|
| Size: |
118784
|
|
|
16415A2D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1561521084.0000016415A2D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16415A2D000
|
| Size: |
24576
|
|
|
23E2FD03000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1441725676.0000023E2FD03000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E2FD03000
|
| Size: |
4096
|
|
|
693160E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1716800386.000000693160E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
693160E000
|
| Size: |
8192
|
|
|
1CC08C84000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1382643877.000001CC08C84000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC08C84000
|
| Size: |
4096
|
|
|
7FF88AF92000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2433896441.00007FF88AF92000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AF92000
|
| Size: |
12288
|
|
|
7FF88B200000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1698082256.00007FF88B200000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88B200000
|
| Size: |
4096
|
|
|
1260000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2071831907.0000000001260000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1260000
|
| Size: |
12288
|
|
|
1460000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000012.00000002.2150291056.0000000001460000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
1460000
|
| Size: |
4096
|
|
|
7FF88B160000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1413079528.00007FF88B160000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B160000
|
| Size: |
4096
|
|
|
18A92E30000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1718048931.0000018A92E30000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
18A92E30000
|
| Size: |
12288
|
|
|
B561439000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1382261329.000000B561439000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B561439000
|
| Size: |
28672
|
|
|
1CC0C0EF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1383585834.000001CC0C0EF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC0C0EF000
|
| Size: |
4763648
|
|
|
16418F93000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1566545629.0000016418F93000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16418F93000
|
| Size: |
147456
|
|
|
7FF88AFC0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1530706768.00007FF88AFC0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AFC0000
|
| Size: |
4096
|
|
|
23E319C0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1445965101.0000023E319C0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
23E319C0000
|
| Size: |
20480
|
|
|
1CC0B1F2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1383585834.000001CC0B1F2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC0B1F2000
|
| Size: |
1671168
|
|
|
1CC08C53000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1382643877.000001CC08C53000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC08C53000
|
| Size: |
163840
|
|
|
18A95676000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1725569105.0000018A95676000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18A95676000
|
| Size: |
36864
|
|
|
18A963C1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1725569105.0000018A963C1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18A963C1000
|
| Size: |
2924544
|
|
|
7FF88B110000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1412854495.00007FF88B110000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B110000
|
| Size: |
24576
|
|
|
4998E79000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1560252420.0000004998E79000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4998E79000
|
| Size: |
28672
|
|
|
1530000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1973675748.0000000001530000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1530000
|
| Size: |
4096
|
|
|
3110000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000010.00000002.1974369731.0000000003110000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
3110000
|
| Size: |
4096
|
|
|
7FF88B040000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1908740492.00007FF88B040000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B040000
|
| Size: |
65536
|
|
|
2FC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1974292331.0000000002FC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2FC0000
|
| Size: |
4096
|
|
|
7FF88B060000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1531947389.00007FF88B060000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B060000
|
| Size: |
65536
|
|
|
18A961F4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1725569105.0000018A961F4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18A961F4000
|
| Size: |
929792
|
|
|
1B776000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2601953015.000000001B776000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B776000
|
| Size: |
45056
|
|
|
1CC22DE0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1406444314.000001CC22DE0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC22DE0000
|
| Size: |
53248
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
7FF88B280000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1414096606.00007FF88B280000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B280000
|
| Size: |
8192
|
|
|
1642FCFB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1684148086.000001642FCFB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1642FCFB000
|
| Size: |
8192
|
|
|
1CC08C40000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1382643877.000001CC08C40000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC08C40000
|
| Size: |
28672
|
|
|
13B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1969706018.00000000013B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
13B0000
|
| Size: |
204800
|
|
|
7FF88AE1D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000012.00000002.2154781253.00007FF88AE1D000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AE1D000
|
| Size: |
4096
|
|
|
7FF88B020000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1411408578.00007FF88B020000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B020000
|
| Size: |
65536
|
|
|
F50000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2149307493.0000000000F50000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F50000
|
| Size: |
4096
|
|
|
23E2FD4B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1441725676.0000023E2FD4B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E2FD4B000
|
| Size: |
8192
|
|
|
7FF88AFA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1530388125.00007FF88AFA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AFA0000
|
| Size: |
4096
|
|
|
7FF88B130000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1696622608.00007FF88B130000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B130000
|
| Size: |
4096
|
|
|
23E49F6D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1527243236.0000023E49F6D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E49F6D000
|
| Size: |
12288
|
|
|
1060000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2431979557.0000000001060000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1060000
|
| Size: |
12288
|
|
|
16417686000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1566333969.0000016417686000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
16417686000
|
| Size: |
16384
|
|
|
23E32DA7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1446317394.0000023E32DA7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
23E32DA7000
|
| Size: |
229376
|
|
|
18A92E7A000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1718048931.0000018A92E7A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
18A92E7A000
|
| Size: |
479232
|
|
|
14A8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2150371541.00000000014A8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14A8000
|
| Size: |
118784
|
|
|
1CC22C29000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1404932876.000001CC22C29000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC22C29000
|
| Size: |
65536
|
|
|
1642FD07000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1684148086.000001642FD07000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1642FD07000
|
| Size: |
4096
|
|
|
215D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2153688155.000000000215D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
215D000
|
| Size: |
12288
|
|
|
7FF88B170000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1413160978.00007FF88B170000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B170000
|
| Size: |
28672
|
|
|
107D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2068557995.000000000107D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
107D000
|
| Size: |
28672
|
|
|
7FF88B250000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1536632499.00007FF88B250000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B250000
|
| Size: |
65536
|
|
|
16419551000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1566545629.0000016419551000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16419551000
|
| Size: |
49152
|
|
|
7FF88B0A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1695020641.00007FF88B0A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B0A0000
|
| Size: |
65536
|
|
|
1CC23000000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1407647838.000001CC23000000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC23000000
|
| Size: |
4096
|
|
|
B56153E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1382304404.000000B56153E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B56153E000
|
| Size: |
8192
|
|
|
7FF88AECC000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1409801054.00007FF88AECC000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AECC000
|
| Size: |
61440
|
|
|
18A93010000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1721518882.0000018A93010000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18A93010000
|
| Size: |
4096
|
|
|
1CC0B9B4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1383585834.000001CC0B9B4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC0B9B4000
|
| Size: |
606208
|
|
|
7FF88B0E5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1911724364.00007FF88B0E5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B0E5000
|
| Size: |
45056
|
|
|
1BC30000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000010.00000002.1975586211.000000001BC30000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
1BC30000
|
| Size: |
4096
|
|
|
18A94A60000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1725533287.0000018A94A60000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
18A94A60000
|
| Size: |
4096
|
|
|
7FF88AF30000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1410062051.00007FF88AF30000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AF30000
|
| Size: |
53248
|
|
|
23E2FC20000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1440971157.0000023E2FC20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E2FC20000
|
| Size: |
4096
|
|
|
69304FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1714942707.00000069304FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
69304FE000
|
| Size: |
8192
|
|
|
16417650000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1566304656.0000016417650000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
16417650000
|
| Size: |
4096
|
|
|
7DF481810000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1409385918.00007DF481810000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7DF481810000
|
| Size: |
4096
|
|
|
1CC08EA5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1383254212.000001CC08EA5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC08EA5000
|
| Size: |
24576
|
|
|
18A96300000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1725569105.0000018A96300000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18A96300000
|
| Size: |
778240
|
|
|
1B6B2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2601953015.000000001B6B2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B6B2000
|
| Size: |
389120
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| AV process strings found (often used to terminate AV products) |
Lowering of HIPS / PFW / Operating System Security Settings |
Security Software Discovery
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
7FF88B060000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1411783800.00007FF88B060000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B060000
|
| Size: |
65536
|
|
|
7FF88B1A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1413417931.00007FF88B1A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B1A0000
|
| Size: |
36864
|
|
|
23E4A068000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1528975272.0000023E4A068000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E4A068000
|
| Size: |
8192
|
|
|
7FF88B190000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1413385864.00007FF88B190000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B190000
|
| Size: |
16384
|
|
|
23E2FCE8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1441725676.0000023E2FCE8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E2FCE8000
|
| Size: |
94208
|
|
|
1CC08F75000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1383390348.000001CC08F75000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC08F75000
|
| Size: |
40960
|
|
|
16415A1B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1561521084.0000016415A1B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16415A1B000
|
| Size: |
4096
|
|
|
7FF88B1F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1697950098.00007FF88B1F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B1F0000
|
| Size: |
32768
|
|
|
7FF88AFF0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1907228370.00007FF88AFF0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AFF0000
|
| Size: |
45056
|
|
|
B5613BC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1382240464.000000B5613BC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B5613BC000
|
| Size: |
16384
|
|
|
7FF88B0B0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1532699070.00007FF88B0B0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B0B0000
|
| Size: |
65536
|
|
|
18A92E03000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1718048931.0000018A92E03000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
18A92E03000
|
| Size: |
167936
|
|
|
23E339F3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1446317394.0000023E339F3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
23E339F3000
|
| Size: |
16384
|
|
|
23E49F83000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1527243236.0000023E49F83000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E49F83000
|
| Size: |
208896
|
|
|
1885000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1974054349.0000000001885000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1885000
|
| Size: |
8192
|
|
|
12811000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2599535141.0000000012811000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12811000
|
| Size: |
24576
|
|
|
23E31820000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1444537140.0000023E31820000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E31820000
|
| Size: |
122880
|
|
|
23E31916000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1445683949.0000023E31916000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E31916000
|
| Size: |
36864
|
|
|
7FF88AFA2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1530388125.00007FF88AFA2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AFA2000
|
| Size: |
57344
|
|
|
7FF88B030000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1411507963.00007FF88B030000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B030000
|
| Size: |
65536
|
|
|
7FF88ADE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1689466913.00007FF88ADE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88ADE0000
|
| Size: |
4096
|
|
|
18AAD070000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1898095553.0000018AAD070000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
18AAD070000
|
| Size: |
4096
|
|
|
18A956AA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1725569105.0000018A956AA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18A956AA000
|
| Size: |
397312
|
|
|
7FF88AEF6000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.2078170137.00007FF88AEF6000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AEF6000
|
| Size: |
4096
|
|
|
7FF88AEE6000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000010.00000002.1976344421.00007FF88AEE6000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AEE6000
|
| Size: |
4096
|
|
|
23E31815000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1444427230.0000023E31815000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E31815000
|
| Size: |
24576
|
|
|
7FF88AFE0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1410761278.00007FF88AFE0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AFE0000
|
| Size: |
24576
|
|
|
7DF4BEE60000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1529043291.00007DF4BEE60000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7DF4BEE60000
|
| Size: |
4096
|
|
|
7FF88AEC6000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1690371716.00007FF88AEC6000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AEC6000
|
| Size: |
86016
|
|
|
18A94C98000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1725569105.0000018A94C98000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18A94C98000
|
| Size: |
2695168
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
1CC2303E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1407647838.000001CC2303E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC2303E000
|
| Size: |
20480
|
|
|
7FF88AEB6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1904942286.00007FF88AEB6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AEB6000
|
| Size: |
24576
|
|
|
AA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2569915043.0000000000AA0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AA0000
|
| Size: |
4096
|
|
|
16418EAE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1566545629.0000016418EAE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16418EAE000
|
| Size: |
663552
|
|
|
7FF88B14C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1696799329.00007FF88B14C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B14C000
|
| Size: |
8192
|
|
|
18AACE02000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1892575874.0000018AACE02000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
18AACE02000
|
| Size: |
8192
|
|
|
1B48D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2074300922.000000001B48D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1B48D000
|
| Size: |
12288
|
|
|
7FF88B1FA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1535739989.00007FF88B1FA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B1FA000
|
| Size: |
24576
|
|
|
1CC22BF0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1404932876.000001CC22BF0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC22BF0000
|
| Size: |
208896
|
|
|
137F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1969706018.000000000137F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
137F000
|
| Size: |
4096
|
|
|
1CC0B51D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1383585834.000001CC0B51D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC0B51D000
|
| Size: |
2646016
|
|
|
693170E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1716979649.000000693170E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
693170E000
|
| Size: |
8192
|
|
|
23E2FDF0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1443168026.0000023E2FDF0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
23E2FDF0000
|
| Size: |
12288
|
|
|
1BA50000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.2075541169.000000001BA50000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
1BA50000
|
| Size: |
4096
|
|
|
7FF88B148000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1696799329.00007FF88B148000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B148000
|
| Size: |
12288
|
|
|
16418765000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1566545629.0000016418765000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16418765000
|
| Size: |
565248
|
|
|
18A92DF8000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1718048931.0000018A92DF8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
18A92DF8000
|
| Size: |
40960
|
|
|
7FF88AFB0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1691523225.00007FF88AFB0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AFB0000
|
| Size: |
4096
|
|
|
EF1000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2068144282.0000000000EF1000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
EF1000
|
| Size: |
61440
|
|
|
7FF88B180000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1535580640.00007FF88B180000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B180000
|
| Size: |
16384
|
|
|
16418AF3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1566545629.0000016418AF3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16418AF3000
|
| Size: |
3907584
|
|
|
13873D90000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1932904978.0000013873D90000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
13873D90000
|
| Size: |
4096
|
|
|
7FF88AE20000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1976193110.00007FF88AE20000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AE20000
|
| Size: |
4096
|
|
|
16419507000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1566545629.0000016419507000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16419507000
|
| Size: |
143360
|
|
|
1CC0A828000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1383585834.000001CC0A828000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC0A828000
|
| Size: |
1679360
|
|
|
FC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2068557995.0000000000FC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
FC0000
|
| Size: |
28672
|
|
|
4998DFD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1560202424.0000004998DFD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4998DFD000
|
| Size: |
12288
|
|
|
18AAD1BF000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1903413036.0000018AAD1BF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
18AAD1BF000
|
| Size: |
45056
|
|
|
7DF413240000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1689405224.00007DF413240000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7DF413240000
|
| Size: |
4096
|
|
|
7FF88B070000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1693979912.00007FF88B070000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B070000
|
| Size: |
65536
|
|
|
18A95B96000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1725569105.0000018A95B96000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18A95B96000
|
| Size: |
741376
|
|
|
7FF88AFC0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.2608327737.00007FF88AFC0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AFC0000
|
| Size: |
20480
|
|
|
7FF88B270000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1414000031.00007FF88B270000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B270000
|
| Size: |
65536
|
|
|
18A92E2E000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1718048931.0000018A92E2E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
18A92E2E000
|
| Size: |
4096
|
|
|
4998C79000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1559976810.0000004998C79000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4998C79000
|
| Size: |
28672
|
|
|
1B8CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2074779596.000000001B8CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1B8CE000
|
| Size: |
8192
|
|
|
1CC0AC6E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1383585834.000001CC0AC6E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC0AC6E000
|
| Size: |
5779456
|
|
|
7FF88B20E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1914176109.00007FF88B20E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B20E000
|
| Size: |
8192
|
|
|
18A95680000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1725569105.0000018A95680000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18A95680000
|
| Size: |
167936
|
|
|
18A9684D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1725569105.0000018A9684D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18A9684D000
|
| Size: |
143360
|
|
|
7FF88AFD0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.2608411202.00007FF88AFD0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AFD0000
|
| Size: |
8192
|
|
|
7FF88AEC6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1409760056.00007FF88AEC6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AEC6000
|
| Size: |
24576
|
|
|
1CC08C8C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1382643877.000001CC08C8C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC08C8C000
|
| Size: |
4096
|
|
|
1690000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1973858245.0000000001690000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1690000
|
| Size: |
12288
|
|
|
EE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2574187281.0000000000EE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
EE0000
|
| Size: |
4096
|
|
|
164193E4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1566545629.00000164193E4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
164193E4000
|
| Size: |
1187840
|
|
|
18A92E4E000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1718048931.0000018A92E4E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
18A92E4E000
|
| Size: |
20480
|
|
|
1450000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1973633848.0000000001450000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1450000
|
| Size: |
4096
|
|
|
1CC08CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1382643877.000001CC08CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC08CA1000
|
| Size: |
8192
|
|
|
18AAD125000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1898095553.0000018AAD125000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
18AAD125000
|
| Size: |
8192
|
|
|
1695000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1973858245.0000000001695000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1695000
|
| Size: |
8192
|
|
|
7FF88AE4C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000013.00000002.2433663895.00007FF88AE4C000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AE4C000
|
| Size: |
4096
|
|
|
7FF88B250000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1413862199.00007FF88B250000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B250000
|
| Size: |
36864
|
|
|
7FF88B16C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1534923337.00007FF88B16C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B16C000
|
| Size: |
8192
|
|
|
16417731000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1566545629.0000016417731000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16417731000
|
| Size: |
483328
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
6930A39000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1716428857.0000006930A39000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6930A39000
|
| Size: |
28672
|
|
|
18AAD1A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1903058519.0000018AAD1A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
18AAD1A0000
|
| Size: |
73728
|
|
|
18A95671000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1725569105.0000018A95671000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18A95671000
|
| Size: |
16384
|
|
|
1CC22C70000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405704339.000001CC22C70000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC22C70000
|
| Size: |
49152
|
|
|
7FF88AE5C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000010.00000002.1976237369.00007FF88AE5C000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AE5C000
|
| Size: |
4096
|
|
|
1028000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2068557995.0000000001028000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1028000
|
| Size: |
344064
|
|
|
13873E80000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1933361256.0000013873E80000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
13873E80000
|
| Size: |
16384
|
|
|
164187F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1566545629.00000164187F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
164187F0000
|
| Size: |
401408
|
|
|
1CC0B3A9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1383585834.000001CC0B3A9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC0B3A9000
|
| Size: |
1515520
|
|
|
940000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2569746426.0000000000940000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
940000
|
| Size: |
4096
|
|
|
7FF88AEF6000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.2607781832.00007FF88AEF6000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AEF6000
|
| Size: |
4096
|
|
|
36FC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2153840211.00000000036FC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36FC000
|
| Size: |
8192
|
|
|
A8B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2569915043.0000000000A8B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A8B000
|
| Size: |
81920
|
|
|
23E2FD09000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1441725676.0000023E2FD09000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E2FD09000
|
| Size: |
12288
|
|
|
1CC0B7A6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1383585834.000001CC0B7A6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC0B7A6000
|
| Size: |
176128
|
|
|
18AACE4D000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1894261619.0000018AACE4D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
18AACE4D000
|
| Size: |
4096
|
|
|
23E49F3C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1526501844.0000023E49F3C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E49F3C000
|
| Size: |
188416
|
|
|
18A94F3D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1725569105.0000018A94F3D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18A94F3D000
|
| Size: |
5791744
|
|
|
7FF88AF90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2433896441.00007FF88AF90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AF90000
|
| Size: |
4096
|
|
|
7FF88B0E0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1533248154.00007FF88B0E0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B0E0000
|
| Size: |
65536
|
|
|
1CC22C97000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405766045.000001CC22C97000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC22C97000
|
| Size: |
53248
|
|
|
23E2FCD5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1441269915.0000023E2FCD5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E2FCD5000
|
| Size: |
49152
|
|
|
1CC22DB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1406363613.000001CC22DB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC22DB0000
|
| Size: |
4096
|
|
|
7FF88AFB0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1410181754.00007FF88AFB0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AFB0000
|
| Size: |
65536
|
|
|
7FF88B170000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1535382783.00007FF88B170000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B170000
|
| Size: |
65536
|
|
|
C65000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2573910262.0000000000C65000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
C65000
|
| Size: |
24576
|
|
|
DBCBD0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1440657941.000000DBCBD0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
DBCBD0E000
|
| Size: |
8192
|
|
|
7FF88B0A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1910606062.00007FF88B0A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B0A0000
|
| Size: |
65536
|
|
|
7FF88B270000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1537093062.00007FF88B270000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B270000
|
| Size: |
8192
|
|
|
23E4A049000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1528800112.0000023E4A049000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E4A049000
|
| Size: |
4096
|
|
|
12822000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2599535141.0000000012822000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12822000
|
| Size: |
323584
|
|
|
7FF88B000000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1907433118.00007FF88B000000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B000000
|
| Size: |
65536
|
|
|
26C0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.2574790300.00000000026C0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
26C0000
|
| Size: |
4096
|
|
|
7FF88B140000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1413012981.00007FF88B140000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B140000
|
| Size: |
4096
|
|
|
EF0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2574221130.0000000000EF0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
EF0000
|
| Size: |
8192
|
|
|
49991BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1560818287.00000049991BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
49991BE000
|
| Size: |
8192
|
|
|
7FF88AE10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1409411908.00007FF88AE10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AE10000
|
| Size: |
4096
|
|
|
B561079000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1382093190.000000B561079000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B561079000
|
| Size: |
28672
|
|
|
7FF88AEB0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1529728189.00007FF88AEB0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AEB0000
|
| Size: |
8192
|
|
|
13873B90000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1932293561.0000013873B90000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
13873B90000
|
| Size: |
4096
|
|
|
7FF88B120000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1912861374.00007FF88B120000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B120000
|
| Size: |
16384
|
|
|
7FF88AE0D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1904509904.00007FF88AE0D000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AE0D000
|
| Size: |
12288
|
|
|
23E31BC0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1446239760.0000023E31BC0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
23E31BC0000
|
| Size: |
4096
|
|
|
7FF88AE13000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.2076801202.00007FF88AE13000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AE13000
|
| Size: |
4096
|
|
|
23E49F30000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1526501844.0000023E49F30000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E49F30000
|
| Size: |
28672
|
|
|
1154F0F000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1932111779.0000001154F0F000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1154F0F000
|
| Size: |
4096
|
|
|
13873D70000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1932534969.0000013873D70000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
13873D70000
|
| Size: |
4096
|
|
|
18AACE4F000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1894261619.0000018AACE4F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
18AACE4F000
|
| Size: |
364544
|
|
|
7FF88B133000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1912979223.00007FF88B133000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B133000
|
| Size: |
28672
|
|
|
7FF88B0C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1532939377.00007FF88B0C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B0C0000
|
| Size: |
65536
|
|
|
23E2FC90000
|
heap
|
page readonly
|
|
|
|
| Name: |
00000005.00000002.1441120402.0000023E2FC90000.00000002.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page readonly
|
| Base address: |
23E2FC90000
|
| Size: |
4096
|
|
|
7FF88AEBC000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1529848905.00007FF88AEBC000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AEBC000
|
| Size: |
61440
|
|
|
1AA0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000012.00000002.2153500031.0000000001AA0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
1AA0000
|
| Size: |
4096
|
|
|
FC8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2068557995.0000000000FC8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
FC8000
|
| Size: |
69632
|
|
|
7FF88AFB2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2155388640.00007FF88AFB2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AFB2000
|
| Size: |
8192
|
|
|
B65000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2428746747.0000000000B65000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B65000
|
| Size: |
4096
|
|
|
1CC230C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1409279679.000001CC230C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC230C0000
|
| Size: |
4096
|
|
|
7FF88B240000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1698795842.00007FF88B240000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B240000
|
| Size: |
8192
|
|
|
18AA4D62000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1864752183.0000018AA4D62000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18AA4D62000
|
| Size: |
4096
|
|
|
1085000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2068557995.0000000001085000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1085000
|
| Size: |
12288
|
|
|
16417BFD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1566545629.0000016417BFD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16417BFD000
|
| Size: |
5783552
|
|
|
7FF88B169000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1413079528.00007FF88B169000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B169000
|
| Size: |
28672
|
|
|
136F3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2154303866.00000000136F3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
136F3000
|
| Size: |
12288
|
|
|
7FF88B090000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1910293435.00007FF88B090000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B090000
|
| Size: |
65536
|
|
|
1CC23066000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1408602951.000001CC23066000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC23066000
|
| Size: |
4096
|
|
|
7FF88B16A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1913288617.00007FF88B16A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B16A000
|
| Size: |
4096
|
|
|
18A93060000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1721610197.0000018A93060000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18A93060000
|
| Size: |
12288
|
|
|
7FF88AE9C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1690151628.00007FF88AE9C000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AE9C000
|
| Size: |
61440
|
|
|
7FF88AFE2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1530799390.00007FF88AFE2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AFE2000
|
| Size: |
4096
|
|
|
49990BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1560751899.00000049990BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
49990BF000
|
| Size: |
4096
|
|
|
FDA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2068557995.0000000000FDA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
FDA000
|
| Size: |
53248
|
|
|
7B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2428216463.00000000007B0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7B0000
|
| Size: |
4096
|
|
|
18A96892000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1725569105.0000018A96892000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18A96892000
|
| Size: |
16384
|
|
|
7FF88ADE2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1689466913.00007FF88ADE2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88ADE2000
|
| Size: |
4096
|
|
|
16415A0C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1561521084.0000016415A0C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16415A0C000
|
| Size: |
8192
|
|
|
1BC9E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2154603047.000000001BC9E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1BC9E000
|
| Size: |
8192
|
|
|
23E31810000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1444427230.0000023E31810000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E31810000
|
| Size: |
12288
|
|
|
23E4A290000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1529023096.0000023E4A290000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E4A290000
|
| Size: |
4096
|
|
|
1CC22D60000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1406232408.000001CC22D60000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
1CC22D60000
|
| Size: |
4096
|
|
|
7FF88ADF4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2433250943.00007FF88ADF4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88ADF4000
|
| Size: |
4096
|
|
|
7FF88AFD0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1410638144.00007FF88AFD0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AFD0000
|
| Size: |
4096
|
|
|
1CC0B97B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1383585834.000001CC0B97B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC0B97B000
|
| Size: |
229376
|
|
|
7FF88AE04000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1904256842.00007FF88AE04000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AE04000
|
| Size: |
36864
|
|
|
7FF88B230000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1413759633.00007FF88B230000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B230000
|
| Size: |
65536
|
|
|
1CC227A3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1403633383.000001CC227A3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC227A3000
|
| Size: |
798720
|
|
|
7FF88B130000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1412976970.00007FF88B130000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B130000
|
| Size: |
16384
|
|
|
DBCBE8E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1440845441.000000DBCBE8E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
DBCBE8E000
|
| Size: |
8192
|
|
|
1CC22CAB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405766045.000001CC22CAB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC22CAB000
|
| Size: |
8192
|
|
|
1CC0C5C6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1383585834.000001CC0C5C6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC0C5C6000
|
| Size: |
49152
|
|
|
7FF88B154000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1534635313.00007FF88B154000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B154000
|
| Size: |
4096
|
|
|
7FF88B150000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1534635313.00007FF88B150000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B150000
|
| Size: |
4096
|
|
|
1CC23047000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1408602951.000001CC23047000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC23047000
|
| Size: |
8192
|
|
|
7FF88AFD0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1906953880.00007FF88AFD0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AFD0000
|
| Size: |
24576
|
|
|
7FF88AE13000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1409486247.00007FF88AE13000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AE13000
|
| Size: |
4096
|
|
|
23E31C57000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1446317394.0000023E31C57000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
23E31C57000
|
| Size: |
1683456
|
|
|
B00000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2428655153.0000000000B00000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B00000
|
| Size: |
8192
|
|
|
7FF88AE30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2077984266.00007FF88AE30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AE30000
|
| Size: |
4096
|
|
|
7FF88B143000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1413034981.00007FF88B143000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B143000
|
| Size: |
28672
|
|
|
1642FE30000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1688721081.000001642FE30000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1642FE30000
|
| Size: |
32768
|
|
|
1641952C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1566545629.000001641952C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1641952C000
|
| Size: |
118784
|
|
|
18AAD12F000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1898095553.0000018AAD12F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
18AAD12F000
|
| Size: |
258048
|
|
|
7FF88B168000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1534923337.00007FF88B168000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B168000
|
| Size: |
12288
|
|
|
7FF88B200000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1535870881.00007FF88B200000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B200000
|
| Size: |
4096
|
|
|
2D6E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2072333208.0000000002D6E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2D6E000
|
| Size: |
8192
|
|
|
18AA4D64000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1864752183.0000018AA4D64000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18AA4D64000
|
| Size: |
4096
|
|
|
23E41EC6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1510749043.0000023E41EC6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
23E41EC6000
|
| Size: |
4096
|
|
|
1B1A3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2601352623.000000001B1A3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B1A3000
|
| Size: |
12288
|
|
|
18A92D60000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1717515855.0000018A92D60000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
18A92D60000
|
| Size: |
4096
|
|
|
7FF88AE2B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1409598066.00007FF88AE2B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AE2B000
|
| Size: |
4096
|
|
|
164176C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1566482036.00000164176C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
164176C0000
|
| Size: |
4096
|
|
|
1B9EF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2605793997.000000001B9EF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1B9EF000
|
| Size: |
4096
|
|
|
7FF88AE6C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000012.00000002.2155106174.00007FF88AE6C000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AE6C000
|
| Size: |
4096
|
|
|
F00000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2574546326.0000000000F00000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F00000
|
| Size: |
12288
|
|
|
6930B3F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1716608528.0000006930B3F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6930B3F000
|
| Size: |
4096
|
|
|
7FF88AFA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1976468149.00007FF88AFA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AFA0000
|
| Size: |
4096
|
|
|
C1F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2573830505.0000000000C1F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C1F000
|
| Size: |
4096
|
|
|
7FF88B030000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1531496141.00007FF88B030000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B030000
|
| Size: |
65536
|
|
|
1340000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1969706018.0000000001340000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1340000
|
| Size: |
20480
|
|
|
12F1000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2149820337.00000000012F1000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
12F1000
|
| Size: |
61440
|
|
|
16427A24000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1665100657.0000016427A24000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16427A24000
|
| Size: |
4096
|
|
|
7FF88AF30000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.2078210547.00007FF88AF30000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AF30000
|
| Size: |
12288
|
|
|
1641954C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1566545629.000001641954C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1641954C000
|
| Size: |
16384
|
|
|
1B9EF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2075323257.000000001B9EF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1B9EF000
|
| Size: |
4096
|
|
|
7FF88AF30000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000012.00000002.2155288722.00007FF88AF30000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AF30000
|
| Size: |
12288
|
|
|
18A9566F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1725569105.0000018A9566F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18A9566F000
|
| Size: |
4096
|
|
|
16427A16000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1665100657.0000016427A16000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16427A16000
|
| Size: |
12288
|
|
|
7FF88B030000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1908355151.00007FF88B030000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B030000
|
| Size: |
65536
|
|
|
7FF88B162000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1913288617.00007FF88B162000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B162000
|
| Size: |
4096
|
|
|
7FF88AE00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2433335532.00007FF88AE00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AE00000
|
| Size: |
8192
|
|
|
7FF88B0F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1412682646.00007FF88B0F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B0F0000
|
| Size: |
65536
|
|
|
23E32DE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1446317394.0000023E32DE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
23E32DE0000
|
| Size: |
602112
|
|
|
1CC22C3A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1404932876.000001CC22C3A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC22C3A000
|
| Size: |
217088
|
|
|
16415970000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1561447209.0000016415970000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16415970000
|
| Size: |
4096
|
|
|
1CC0BB65000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1383585834.000001CC0BB65000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC0BB65000
|
| Size: |
3915776
|
|
|
7FF88B050000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1411690199.00007FF88B050000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B050000
|
| Size: |
65536
|
|
|
18A959E6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1725569105.0000018A959E6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18A959E6000
|
| Size: |
12288
|
|
|
7FF88B030000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1693033011.00007FF88B030000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B030000
|
| Size: |
65536
|
|
|
23E49F10000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1526501844.0000023E49F10000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E49F10000
|
| Size: |
36864
|
|
|
301F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2072548566.000000000301F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
301F000
|
| Size: |
4096
|
|
|
1BEDE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2605992248.000000001BEDE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1BEDE000
|
| Size: |
8192
|
|
|
EF3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2574221130.0000000000EF3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
EF3000
|
| Size: |
53248
|
|
|
7FF88B1EC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1697837686.00007FF88B1EC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B1EC000
|
| Size: |
16384
|
|
|
FD0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2149758471.0000000000FD0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
FD0000
|
| Size: |
8192
|
|
|
7FF88B010000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1692543579.00007FF88B010000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B010000
|
| Size: |
65536
|
|
|
1CC08BB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1382557121.000001CC08BB0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC08BB0000
|
| Size: |
4096
|
|
|
1CC08C20000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1382622016.000001CC08C20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC08C20000
|
| Size: |
4096
|
|
|
23E2FBC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1440897858.0000023E2FBC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E2FBC0000
|
| Size: |
16384
|
|
|
B56230E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1382519559.000000B56230E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B56230E000
|
| Size: |
8192
|
|
|
1BB2E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2154488161.000000001BB2E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1BB2E000
|
| Size: |
8192
|
|
|
7FF88B040000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1693258866.00007FF88B040000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B040000
|
| Size: |
65536
|
|
|
1642FE2D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1688721081.000001642FE2D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1642FE2D000
|
| Size: |
8192
|
|
|
DBCAE3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1440196973.000000DBCAE3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
DBCAE3E000
|
| Size: |
8192
|
|
|
7FF88AFE8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1907084061.00007FF88AFE8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AFE8000
|
| Size: |
4096
|
|
|
23E49FB7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1527243236.0000023E49FB7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E49FB7000
|
| Size: |
294912
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
7FF88B040000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1531643556.00007FF88B040000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B040000
|
| Size: |
65536
|
|
|
F80000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2149382417.0000000000F80000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F80000
|
| Size: |
4096
|
|
|
1CC22EC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1406602316.000001CC22EC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC22EC0000
|
| Size: |
65536
|
|
|
1C43C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2606378818.000000001C43C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1C43C000
|
| Size: |
16384
|
|
|
1CC08C88000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1382643877.000001CC08C88000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC08C88000
|
| Size: |
4096
|
|
|
1CC08E20000
|
trusted library section
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1383050685.000001CC08E20000.00000004.08000000.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page read and write
|
| Base address: |
1CC08E20000
|
| Size: |
4096
|
|
|
7FF88AE2D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000012.00000002.2154998377.00007FF88AE2D000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AE2D000
|
| Size: |
4096
|
|
|
1642FDA9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1686178634.000001642FDA9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1642FDA9000
|
| Size: |
155648
|
|
|
23E328E1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1446317394.0000023E328E1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
23E328E1000
|
| Size: |
3080192
|
|
|
16427761000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1665100657.0000016427761000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16427761000
|
| Size: |
225280
|
|
|
7FF88AEC0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2078069805.00007FF88AEC0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AEC0000
|
| Size: |
4096
|
|
|
B56220E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1382478142.000000B56220E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B56220E000
|
| Size: |
8192
|
|
|
7FF88B159000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1913124344.00007FF88B159000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B159000
|
| Size: |
28672
|
|
|
C17000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2428909124.0000000000C17000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
C17000
|
| Size: |
368640
|
|
|
7FF88B210000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1914227238.00007FF88B210000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B210000
|
| Size: |
32768
|
|
|
23E339D3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1446317394.0000023E339D3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
23E339D3000
|
| Size: |
118784
|
|
|
7FF88B154000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1913124344.00007FF88B154000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B154000
|
| Size: |
4096
|
|
|
7FF88B090000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1412105711.00007FF88B090000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B090000
|
| Size: |
65536
|
|
|
7FF88AFE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2608453242.00007FF88AFE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AFE0000
|
| Size: |
16384
|
|
|
23E31BD1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1446317394.0000023E31BD1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
23E31BD1000
|
| Size: |
536576
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
F40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2068521285.0000000000F40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
F40000
|
| Size: |
4096
|
|
|
16415C80000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1563868607.0000016415C80000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16415C80000
|
| Size: |
16384
|
|
|
7FF88AFF8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1410841908.00007FF88AFF8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AFF8000
|
| Size: |
4096
|
|
|
7FF88B230000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1536481192.00007FF88B230000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88B230000
|
| Size: |
4096
|
|
|
18AACEA9000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1894261619.0000018AACEA9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
18AACEA9000
|
| Size: |
24576
|
|
|
7FF88AFA2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1976468149.00007FF88AFA2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AFA2000
|
| Size: |
12288
|
|
|
7FF88AE1D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000010.00000002.1976146760.00007FF88AE1D000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AE1D000
|
| Size: |
4096
|
|
|
13873C78000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1932341185.0000013873C78000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
13873C78000
|
| Size: |
155648
|
|
|
1065000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2431979557.0000000001065000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1065000
|
| Size: |
8192
|
|
|
B561336000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1382220317.000000B561336000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B561336000
|
| Size: |
40960
|
|
|
B561279000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1382180298.000000B561279000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B561279000
|
| Size: |
28672
|
|
|
DBCAA7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1439785113.000000DBCAA7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
DBCAA7E000
|
| Size: |
8192
|
|
|
1642FB90000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1684040575.000001642FB90000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1642FB90000
|
| Size: |
20480
|
|
|
23E2FCA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1441145353.0000023E2FCA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
23E2FCA0000
|
| Size: |
65536
|
|
|
4999C0F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1560920668.0000004999C0F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4999C0F000
|
| Size: |
4096
|
|
|
69307FD000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1715713567.00000069307FD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
69307FD000
|
| Size: |
12288
|
|
|
7FF88AE3D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.2607575049.00007FF88AE3D000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AE3D000
|
| Size: |
4096
|
|
|
1B6B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2601953015.000000001B6B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B6B0000
|
| Size: |
4096
|
|
|
7FF88B113000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1696502402.00007FF88B113000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B113000
|
| Size: |
28672
|
|
|
23E31920000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1445890460.0000023E31920000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
23E31920000
|
| Size: |
4096
|
|
|
164159B0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1561472343.00000164159B0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
164159B0000
|
| Size: |
16384
|
|
|
18A92FF0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1721424540.0000018A92FF0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18A92FF0000
|
| Size: |
16384
|
|
|
23E41ED6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1510749043.0000023E41ED6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
23E41ED6000
|
| Size: |
1769472
|
|
|
7DF4817F0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1409306509.00007DF4817F0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7DF4817F0000
|
| Size: |
4096
|
|
|
7FF88AE24000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2077661319.00007FF88AE24000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AE24000
|
| Size: |
24576
|
|
|
7FF88AE10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1975966234.00007FF88AE10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AE10000
|
| Size: |
8192
|
|
|
DBCAAFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1439918170.000000DBCAAFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
DBCAAFE000
|
| Size: |
8192
|
|
|
7FF88B0A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1532540563.00007FF88B0A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B0A0000
|
| Size: |
65536
|
|
|
7FF88B260000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1915076212.00007FF88B260000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B260000
|
| Size: |
65536
|
|
|
7FF88B170000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1913502863.00007FF88B170000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B170000
|
| Size: |
65536
|
|
|
16415A55000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1561521084.0000016415A55000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16415A55000
|
| Size: |
4096
|
|
|
6930877000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1715843060.0000006930877000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6930877000
|
| Size: |
36864
|
|
|
1880000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1974054349.0000000001880000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1880000
|
| Size: |
12288
|
|
|
7FF88AFA0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1691426512.00007FF88AFA0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AFA0000
|
| Size: |
24576
|
|
|
4998B7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1559901036.0000004998B7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4998B7E000
|
| Size: |
8192
|
|
|
7FF88AFB1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1530535850.00007FF88AFB1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AFB1000
|
| Size: |
32768
|
|
|
7FF88AE20000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2607178626.00007FF88AE20000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AE20000
|
| Size: |
8192
|
|
|
B50000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2428710375.0000000000B50000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
B50000
|
| Size: |
4096
|
|
|
1BBEE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2605874680.000000001BBEE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1BBEE000
|
| Size: |
8192
|
|
|
7FF88B130000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1912944038.00007FF88B130000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B130000
|
| Size: |
4096
|
|
|
1CC1AA8A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1398600459.000001CC1AA8A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC1AA8A000
|
| Size: |
12288
|
|
|
13128000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1975216579.0000000013128000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
13128000
|
| Size: |
4096
|
|
|
7FF88AF10000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000013.00000002.2433804307.00007FF88AF10000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AF10000
|
| Size: |
12288
|
|
|
1CC0B860000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1383585834.000001CC0B860000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC0B860000
|
| Size: |
393216
|
|
|
1CC0B7D2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1383585834.000001CC0B7D2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC0B7D2000
|
| Size: |
577536
|
|
|
1CC1AAA8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1398600459.000001CC1AAA8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC1AAA8000
|
| Size: |
1769472
|
|
|
1374000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1969706018.0000000001374000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1374000
|
| Size: |
40960
|
|
|
7FF88AF9A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1691130379.00007FF88AF9A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AF9A000
|
| Size: |
24576
|
|
|
7FF88B240000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1413845271.00007FF88B240000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88B240000
|
| Size: |
4096
|
|
|
7FF88AE2D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.2607412295.00007FF88AE2D000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AE2D000
|
| Size: |
12288
|
|
|
5A0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1305790811.00000000005A0000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
5A0000
|
| Size: |
4096
|
|
|
7FF88AE14000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1409508733.00007FF88AE14000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AE14000
|
| Size: |
36864
|
|
|
136C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1969706018.000000000136C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
136C000
|
| Size: |
4096
|
|
|
4999C8D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1560966114.0000004999C8D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4999C8D000
|
| Size: |
12288
|
|
|
7FF88AE5C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1529686880.00007FF88AE5C000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AE5C000
|
| Size: |
4096
|
|
|
18A92D90000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1717708105.0000018A92D90000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
18A92D90000
|
| Size: |
8192
|
|
|
7FF88B0E0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1695975975.00007FF88B0E0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B0E0000
|
| Size: |
20480
|
|
|
FA5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2149421828.0000000000FA5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
FA5000
|
| Size: |
8192
|
|
|
23E328DF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1446317394.0000023E328DF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
23E328DF000
|
| Size: |
4096
|
|
|
7FF88ADF0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1689751702.00007FF88ADF0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88ADF0000
|
| Size: |
40960
|
|
|
18A962D9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1725569105.0000018A962D9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18A962D9000
|
| Size: |
147456
|
|
|
7FF88AEC0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2607663235.00007FF88AEC0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AEC0000
|
| Size: |
4096
|
|
|
18A93030000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1721610197.0000018A93030000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18A93030000
|
| Size: |
4096
|
|
|
23E4A00E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1527243236.0000023E4A00E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E4A00E000
|
| Size: |
20480
|
|
|
16427A34000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1665100657.0000016427A34000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16427A34000
|
| Size: |
475136
|
|
|
23E3209E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1446317394.0000023E3209E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
23E3209E000
|
| Size: |
5783552
|
|
|
7FF88B080000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1909952037.00007FF88B080000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B080000
|
| Size: |
65536
|
|
|
1281E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2599535141.000000001281E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1281E000
|
| Size: |
8192
|
|
|
1642FCF3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1684148086.000001642FCF3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1642FCF3000
|
| Size: |
4096
|
|
|
1CC22FFD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1407647838.000001CC22FFD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC22FFD000
|
| Size: |
8192
|
|
|
7FF88B1FA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1914082977.00007FF88B1FA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B1FA000
|
| Size: |
4096
|
|
|
1BAEE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2605825388.000000001BAEE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1BAEE000
|
| Size: |
8192
|
|
|
7DF474290000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1904064368.00007DF474290000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7DF474290000
|
| Size: |
4096
|
|
|
3011000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2072548566.0000000003011000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3011000
|
| Size: |
40960
|
|
|
1B714000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2601953015.000000001B714000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B714000
|
| Size: |
233472
|
|
|
BB8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2428909124.0000000000BB8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
BB8000
|
| Size: |
73728
|
|
|
7FF88AEB0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1976274331.00007FF88AEB0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AEB0000
|
| Size: |
4096
|
|
|
1BB5E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2075869905.000000001BB5E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1BB5E000
|
| Size: |
8192
|
|
|
1CC08E50000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1383112293.000001CC08E50000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC08E50000
|
| Size: |
4096
|
|
|
7FF88B210000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1535995499.00007FF88B210000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B210000
|
| Size: |
65536
|
|
|
7FF88B120000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1412897410.00007FF88B120000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B120000
|
| Size: |
61440
|
|
|
18A92E76000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1718048931.0000018A92E76000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
18A92E76000
|
| Size: |
12288
|
|
|
18A92FC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1721341220.0000018A92FC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
18A92FC0000
|
| Size: |
4096
|
|
|
23E4A04D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1528840733.0000023E4A04D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E4A04D000
|
| Size: |
12288
|
|
|
69305FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1715065249.00000069305FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
69305FF000
|
| Size: |
4096
|
|
|
7FF408430000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000010.00000002.1975802182.00007FF408430000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF408430000
|
| Size: |
4096
|
|
|
7FF88B0E6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1695975975.00007FF88B0E6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B0E6000
|
| Size: |
40960
|
|
|
A20000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2569781813.0000000000A20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A20000
|
| Size: |
4096
|
|
|
1BF3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1975742264.000000001BF3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1BF3E000
|
| Size: |
8192
|
|
|
7FF88AE03000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1529148005.00007FF88AE03000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AE03000
|
| Size: |
4096
|
|
|
2873000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2574895544.0000000002873000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2873000
|
| Size: |
315392
|
|
|
16418F52000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1566545629.0000016418F52000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16418F52000
|
| Size: |
258048
|
|
|
7FF88B190000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1913899419.00007FF88B190000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B190000
|
| Size: |
36864
|
|
|
1642FD2D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1686178634.000001642FD2D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1642FD2D000
|
| Size: |
483328
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
7FF88B000000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1692302140.00007FF88B000000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B000000
|
| Size: |
65536
|
|
|
7FF88AFF4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1410841908.00007FF88AFF4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AFF4000
|
| Size: |
12288
|
|
|
14A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2150371541.00000000014A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14A0000
|
| Size: |
28672
|
|
|
7FF88B180000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1413286532.00007FF88B180000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B180000
|
| Size: |
65536
|
|
|
1642FDA6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1686178634.000001642FDA6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1642FDA6000
|
| Size: |
8192
|
|
|
1641890A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1566545629.000001641890A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1641890A000
|
| Size: |
835584
|
|
|
7FF88ADE3000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1689529071.00007FF88ADE3000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88ADE3000
|
| Size: |
4096
|
|
|
16415C30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1563677225.0000016415C30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16415C30000
|
| Size: |
65536
|
|
|
16415910000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1561338776.0000016415910000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16415910000
|
| Size: |
20480
|
|
|
16418A3A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1566545629.0000016418A3A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16418A3A000
|
| Size: |
581632
|
|
|
7FF88AEC0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000010.00000002.1976307240.00007FF88AEC0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AEC0000
|
| Size: |
4096
|
|
|
7FF88B0C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1695502305.00007FF88B0C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B0C0000
|
| Size: |
65536
|
|
|
B5616BB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1382366837.000000B5616BB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B5616BB000
|
| Size: |
20480
|
|
|
18AAD1B6000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1903413036.0000018AAD1B6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
18AAD1B6000
|
| Size: |
28672
|
|
|
23E4A04B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1528800112.0000023E4A04B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E4A04B000
|
| Size: |
4096
|
|
|
16417958000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1566545629.0000016417958000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16417958000
|
| Size: |
2768896
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
7FF88B080000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1532242445.00007FF88B080000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B080000
|
| Size: |
65536
|
|
|
7DF4742A0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1904111362.00007DF4742A0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7DF4742A0000
|
| Size: |
4096
|
|
|
7FF88AE14000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2076852265.00007FF88AE14000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AE14000
|
| Size: |
4096
|
|
|
FA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2149421828.0000000000FA0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
FA0000
|
| Size: |
12288
|
|
|
1CC08E30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1383085465.000001CC08E30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1CC08E30000
|
| Size: |
16384
|
|
|
12818000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2599535141.0000000012818000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12818000
|
| Size: |
20480
|
|
|
16415A19000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1561521084.0000016415A19000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16415A19000
|
| Size: |
4096
|
|
|
1384000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1969706018.0000000001384000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1384000
|
| Size: |
8192
|
|
|
18A93130000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1722023123.0000018A93130000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
18A93130000
|
| Size: |
16384
|
|
|
13013000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2073377513.0000000013013000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
13013000
|
| Size: |
12288
|
|
|
7FF88B020000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1908052638.00007FF88B020000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B020000
|
| Size: |
65536
|
|
|
7FF88AE90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1690005990.00007FF88AE90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AE90000
|
| Size: |
8192
|
|
|
7FF88AFC1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1410402105.00007FF88AFC1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AFC1000
|
| Size: |
32768
|
|
|
18A948E3000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1722523485.0000018A948E3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
18A948E3000
|
| Size: |
798720
|
|
|
18A94F2C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1725569105.0000018A94F2C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18A94F2C000
|
| Size: |
65536
|
|
|
1506000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2150371541.0000000001506000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1506000
|
| Size: |
4096
|
|
|
23E31900000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1445683949.0000023E31900000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E31900000
|
| Size: |
86016
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
7FF88AE00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1904158891.00007FF88AE00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AE00000
|
| Size: |
4096
|
|
|
7FF88AE03000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1904205540.00007FF88AE03000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AE03000
|
| Size: |
4096
|
|
|
7FF88B020000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1531343774.00007FF88B020000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B020000
|
| Size: |
65536
|
|
|
23E2FDA8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1443017269.0000023E2FDA8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E2FDA8000
|
| Size: |
94208
|
|
|
14C5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2072160915.00000000014C5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14C5000
|
| Size: |
8192
|
|
|
DBCACF7000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1440055832.000000DBCACF7000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
DBCACF7000
|
| Size: |
36864
|
|
|
169E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2153410114.000000000169E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
169E000
|
| Size: |
8192
|
|
|
141A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.1969706018.000000000141A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
141A000
|
| Size: |
4096
|
|
|
7FF88AF91000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1691130379.00007FF88AF91000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AF91000
|
| Size: |
32768
|
|
|
16417585000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1566181485.0000016417585000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16417585000
|
| Size: |
24576
|
|
|
7FF88AFB1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1906609146.00007FF88AFB1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AFB1000
|
| Size: |
32768
|
|
|
18AA4D55000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1864752183.0000018AA4D55000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18AA4D55000
|
| Size: |
12288
|
|
|
7FF88AE34000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2607501584.00007FF88AE34000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AE34000
|
| Size: |
4096
|
|
|
14DC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2150371541.00000000014DC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14DC000
|
| Size: |
20480
|
|
|
1CC08C7D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1382643877.000001CC08C7D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC08C7D000
|
| Size: |
16384
|
|
|
7FF88B210000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1698114555.00007FF88B210000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B210000
|
| Size: |
36864
|
|
|
BF0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2428909124.0000000000BF0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
BF0000
|
| Size: |
4096
|
|
|
23E339F8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1446317394.0000023E339F8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
23E339F8000
|
| Size: |
49152
|
|
|
1CC2304A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1408602951.000001CC2304A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC2304A000
|
| Size: |
36864
|
|
|
7FF88AE24000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2154877884.00007FF88AE24000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AE24000
|
| Size: |
20480
|
|
|
23E31868000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1444878003.0000023E31868000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E31868000
|
| Size: |
258048
|
|
|
7FF88AE10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2606989839.00007FF88AE10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AE10000
|
| Size: |
4096
|
|
|
1642FCE2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1684148086.000001642FCE2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1642FCE2000
|
| Size: |
40960
|
|
|
B5611FD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1382162053.000000B5611FD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B5611FD000
|
| Size: |
12288
|
|
|
301C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2072548566.000000000301C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
301C000
|
| Size: |
8192
|
|
|
7FF88B0C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1911237397.00007FF88B0C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B0C0000
|
| Size: |
16384
|
|
|
C73000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2428909124.0000000000C73000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
C73000
|
| Size: |
16384
|
|
|
FFC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2068557995.0000000000FFC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
FFC000
|
| Size: |
20480
|
|
|
DBCAEB6000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1440222397.000000DBCAEB6000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
DBCAEB6000
|
| Size: |
40960
|
|
|
BD0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2068074696.0000000000BD0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
BD0000
|
| Size: |
8192
|
|
|
7DF481800000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1409360636.00007DF481800000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7DF481800000
|
| Size: |
4096
|
|
|
1508000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2150371541.0000000001508000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1508000
|
| Size: |
143360
|
|
|
7FF88AE13000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.2607024301.00007FF88AE13000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AE13000
|
| Size: |
4096
|
|
|
B80000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.2067923552.0000000000B80000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B80000
|
| Size: |
4096
|
|
|
7FF88B140000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1696799329.00007FF88B140000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B140000
|
| Size: |
4096
|
|
|
7FF88B1F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1535739989.00007FF88B1F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B1F0000
|
| Size: |
4096
|
|
|
1CC23003000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1407647838.000001CC23003000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC23003000
|
| Size: |
77824
|
|
|
7FF88AFE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1691830471.00007FF88AFE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AFE0000
|
| Size: |
65536
|
|
|
23E31A00000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1446088467.0000023E31A00000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E31A00000
|
| Size: |
45056
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
1B4AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2601668908.000000001B4AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1B4AE000
|
| Size: |
8192
|
|
|
BB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2573795792.0000000000BB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
BB0000
|
| Size: |
4096
|
|
|
18AACEE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1897413423.0000018AACEE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18AACEE0000
|
| Size: |
4096
|
|
|
7FF88AE00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1529096291.00007FF88AE00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88AE00000
|
| Size: |
4096
|
|
|
12948000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2432650876.0000000012948000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12948000
|
| Size: |
4096
|
|
|
23E4A052000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1528879567.0000023E4A052000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E4A052000
|
| Size: |
40960
|
|
|
18A92DD5000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1717778457.0000018A92DD5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
18A92DD5000
|
| Size: |
24576
|
|
|
7FF88B0B0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1412325242.00007FF88B0B0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FF88B0B0000
|
| Size: |
65536
|
|
|
3000000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.2072511192.0000000003000000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
3000000
|
| Size: |
4096
|
|
|
23E4A03D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1528758662.0000023E4A03D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
23E4A03D000
|
| Size: |
12288
|
|
|
1CC23020000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1407647838.000001CC23020000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CC23020000
|
| Size: |
4096
|
|
|
18AACE33000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1894261619.0000018AACE33000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
18AACE33000
|
| Size: |
90112
|
|
|
7FF88AEE6000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1530004438.00007FF88AEE6000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF88AEE6000
|
| Size: |
86016
|
|
