|
355F8000
|
heap
|
page read and write
|
 |
|
|
| Name: |
00000002.00000003.1384396202.00000000355F8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
355F8000
|
| Size: |
557056
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected WebBrowserPassView password recovery tool |
Stealing of Sensitive Information |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
| Found strings which match to known social media urls |
Networking |
|
| SQL strings found in memory and binary data |
System Summary |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
353F1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1384040604.00000000353F1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
353F1000
|
| Size: |
360448
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected WebBrowserPassView password recovery tool |
Stealing of Sensitive Information |
|
| Found strings which match to known social media urls |
Networking |
|
| SQL strings found in memory and binary data |
System Summary |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
400000
|
system
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.1403101314.0000000000400000.00000040.80000000.00040000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
system
|
| Protect: |
page execute and read and write
|
| Base address: |
400000
|
| Size: |
376832
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected WebBrowserPassView password recovery tool |
Stealing of Sensitive Information |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
359BD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1386668649.00000000359BD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
359BD000
|
| Size: |
700416
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected WebBrowserPassView password recovery tool |
Stealing of Sensitive Information |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
| SQL strings found in memory and binary data |
System Summary |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
3536B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1386498935.000000003536B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3536B000
|
| Size: |
401408
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected WebBrowserPassView password recovery tool |
Stealing of Sensitive Information |
|
| SQL strings found in memory and binary data |
System Summary |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
3577A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1404642508.000000003577A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3577A000
|
| Size: |
700416
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected WebBrowserPassView password recovery tool |
Stealing of Sensitive Information |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
| SQL strings found in memory and binary data |
System Summary |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
35776000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1386379398.0000000035776000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
35776000
|
| Size: |
700416
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected WebBrowserPassView password recovery tool |
Stealing of Sensitive Information |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
| SQL strings found in memory and binary data |
System Summary |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
353F1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1403656979.00000000353F1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
353F1000
|
| Size: |
401408
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected WebBrowserPassView password recovery tool |
Stealing of Sensitive Information |
|
| SQL strings found in memory and binary data |
System Summary |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
358F9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1404521038.00000000358F9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
358F9000
|
| Size: |
700416
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected WebBrowserPassView password recovery tool |
Stealing of Sensitive Information |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
| SQL strings found in memory and binary data |
System Summary |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
35693000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1404721684.0000000035693000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
35693000
|
| Size: |
700416
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected WebBrowserPassView password recovery tool |
Stealing of Sensitive Information |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
5AA5000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1178228311.0000000005AA5000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5AA5000
|
| Size: |
10485760
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected GuLoader |
Data Obfuscation |
|
|
|
35453000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1403203558.0000000035453000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
35453000
|
| Size: |
401408
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected WebBrowserPassView password recovery tool |
Stealing of Sensitive Information |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
4A38000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3407915507.0000000004A38000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A38000
|
| Size: |
323584
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Remcos RAT |
AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality |
|
| May try to detect the Windows Explorer process (often used for injection) |
HIPS / PFW / Operating System Protection Evasion |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
| URLs found in memory or binary data |
Networking |
|
|
|
355F0000
|
unclassified section
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3426565955.00000000355F0000.00000040.10000000.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unclassified section
|
| Protect: |
page execute and read and write
|
| Base address: |
355F0000
|
| Size: |
376832
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected WebBrowserPassView password recovery tool |
Stealing of Sensitive Information |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
4A14000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3407915507.0000000004A14000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A14000
|
| Size: |
98304
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Found malware configuration |
AV Detection |
|
| Yara detected Remcos RAT |
AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality |
|
| May try to detect the Windows Explorer process (often used for injection) |
HIPS / PFW / Operating System Protection Evasion |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3583F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1404822029.000000003583F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3583F000
|
| Size: |
700416
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected WebBrowserPassView password recovery tool |
Stealing of Sensitive Information |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
2B2C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1156883734.0000000002B2C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B2C000
|
| Size: |
8192
|
|
|
466A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1167061622.000000000466A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
466A000
|
| Size: |
12288
|
|
|
55EC000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1397776657.00000000055EC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55EC000
|
| Size: |
4096
|
|
|
47FA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1169479603.00000000047FA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
47FA000
|
| Size: |
12288
|
|
|
45AC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1165924862.00000000045AC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45AC000
|
| Size: |
12288
|
|
|
37D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1398967846.00000000037D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
37D1000
|
| Size: |
114688
|
|
|
3842000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1400377215.0000000003842000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3842000
|
| Size: |
430080
|
|
|
10003000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000002.1192087681.0000000010003000.00000002.00000001.01000000.00000006.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
10003000
|
| Size: |
4096
|
|
|
55FA000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1396438773.00000000055FA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55FA000
|
| Size: |
4096
|
|
|
37E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1394980099.00000000037E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
37E0000
|
| Size: |
397312
|
|
|
441A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163663238.000000000441A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
441A000
|
| Size: |
12288
|
|
|
4A32000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1175015639.0000000004A32000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A32000
|
| Size: |
8192
|
|
|
3593000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000D.00000003.1387903078.0000000003593000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
13
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3593000
|
| Size: |
8192
|
|
|
4679000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1167061622.0000000004679000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4679000
|
| Size: |
12288
|
|
|
354CA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1403417674.00000000354CA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
354CA000
|
| Size: |
16384
|
|
|
4544000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1165258872.0000000004544000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4544000
|
| Size: |
12288
|
|
|
2CC0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1162740958.0000000002CC0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2CC0000
|
| Size: |
4096
|
|
|
46E3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1168002861.00000000046E3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
46E3000
|
| Size: |
12288
|
|
|
4792000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1169444973.0000000004792000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4792000
|
| Size: |
266240
|
|
|
2C35000
|
remote allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3403586700.0000000002C35000.00000040.00000400.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
remote allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
2C35000
|
| Size: |
10485760
|
|
|
407000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1143415441.0000000000407000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
407000
|
| Size: |
8192
|
|
|
498A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1173282049.000000000498A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
498A000
|
| Size: |
8192
|
|
|
55FE000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1399665104.00000000055FE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55FE000
|
| Size: |
135168
|
|
|
435B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163004823.000000000435B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
435B000
|
| Size: |
12288
|
|
|
4686000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1167516334.0000000004686000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4686000
|
| Size: |
12288
|
|
|
47D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1169479603.00000000047D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
47D4000
|
| Size: |
12288
|
|
|
37D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1399458314.00000000037D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
37D1000
|
| Size: |
114688
|
|
|
2B72000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161093220.0000000002B72000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B72000
|
| Size: |
12288
|
|
|
55EF000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1401499279.00000000055EF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55EF000
|
| Size: |
61440
|
|
|
2A80000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152726544.0000000002A80000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A80000
|
| Size: |
4096
|
|
|
2C8F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1162158776.0000000002C8F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C8F000
|
| Size: |
12288
|
|
|
45E000
|
system
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.1403101314.000000000045E000.00000040.80000000.00040000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
system
|
| Protect: |
page execute and read and write
|
| Base address: |
45E000
|
| Size: |
4096
|
|
|
4B67000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1177143790.0000000004B67000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B67000
|
| Size: |
12288
|
|
|
435F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163004823.000000000435F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
435F000
|
| Size: |
12288
|
|
|
4AE7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1175720328.0000000004AE7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4AE7000
|
| Size: |
12288
|
|
|
44DE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1164914504.00000000044DE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
44DE000
|
| Size: |
12288
|
|
|
4AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1175720328.0000000004AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4AD4000
|
| Size: |
12288
|
|
|
4A87000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1381799973.0000000004A87000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A87000
|
| Size: |
32768
|
|
|
458D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1165924862.000000000458D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
458D000
|
| Size: |
12288
|
|
|
2B44000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161093220.0000000002B44000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B44000
|
| Size: |
12288
|
|
|
2A66000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152726544.0000000002A66000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A66000
|
| Size: |
4096
|
|
|
2A87000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152726544.0000000002A87000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A87000
|
| Size: |
8192
|
|
|
354B6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3426509026.00000000354B6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
354B6000
|
| Size: |
8192
|
|
|
493D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1172576903.000000000493D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
493D000
|
| Size: |
8192
|
|
|
2A3B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152726544.0000000002A3B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A3B000
|
| Size: |
8192
|
|
|
5602000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1399013976.0000000005602000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5602000
|
| Size: |
118784
|
|
|
35453000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1386550081.0000000035453000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
35453000
|
| Size: |
196608
|
|
|
49AF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3407857069.00000000049AF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
49AF000
|
| Size: |
4096
|
|
|
4829000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1170292692.0000000004829000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4829000
|
| Size: |
12288
|
|
|
44BA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1164427507.00000000044BA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
44BA000
|
| Size: |
12288
|
|
|
4599000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1165924862.0000000004599000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4599000
|
| Size: |
12288
|
|
|
3384000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1395511700.0000000003384000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3384000
|
| Size: |
8192
|
|
|
4986000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1173282049.0000000004986000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4986000
|
| Size: |
12288
|
|
|
4931000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1172576903.0000000004931000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4931000
|
| Size: |
12288
|
|
|
5280000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1404446025.0000000005280000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5280000
|
| Size: |
8192
|
|
|
561F000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1398943321.000000000561F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
561F000
|
| Size: |
77824
|
|
|
2470000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152660510.0000000002470000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2470000
|
| Size: |
8192
|
|
|
5171000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1395070774.0000000005171000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5171000
|
| Size: |
233472
|
|
|
73E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1150868519.000000000073E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
73E000
|
| Size: |
8192
|
|
|
478D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1168466105.000000000478D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
478D000
|
| Size: |
12288
|
|
|
4AC9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1386586693.0000000004AC9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4AC9000
|
| Size: |
4096
|
|
|
4B10000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3408136692.0000000004B10000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B10000
|
| Size: |
24576
|
|
|
4A8B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1381942343.0000000004A8B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A8B000
|
| Size: |
16384
|
|
|
4A96000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1364804287.0000000004A96000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A96000
|
| Size: |
45056
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
43A5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163335142.00000000043A5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
43A5000
|
| Size: |
12288
|
|
|
4701000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1168002861.0000000004701000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4701000
|
| Size: |
12288
|
|
|
48A6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1171902522.00000000048A6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48A6000
|
| Size: |
8192
|
|
|
35A3B000
|
unclassified section
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3426725017.0000000035A3B000.00000040.10000000.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unclassified section
|
| Protect: |
page execute and read and write
|
| Base address: |
35A3B000
|
| Size: |
36864
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
|
|
400000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1143381191.0000000000400000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
400000
|
| Size: |
4096
|
|
|
4B64000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1177143790.0000000004B64000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B64000
|
| Size: |
8192
|
|
|
7D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1150883675.00000000007D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7D1000
|
| Size: |
12288
|
|
|
4944000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1172576903.0000000004944000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4944000
|
| Size: |
12288
|
|
|
2C00000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161759693.0000000002C00000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C00000
|
| Size: |
12288
|
|
|
4A8F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1379539706.0000000004A8F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A8F000
|
| Size: |
36864
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3040000
|
heap
|
page readonly
|
|
|
|
| Name: |
0000000D.00000002.1389458216.0000000003040000.00000002.00000020.00020000.00000000.sdmp
|
| TargetID: |
13
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page readonly
|
| Base address: |
3040000
|
| Size: |
4096
|
|
|
4AA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1404388703.0000000004AA0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4AA0000
|
| Size: |
98304
|
|
|
4950000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1172576903.0000000004950000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4950000
|
| Size: |
4096
|
|
|
2AE0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1156415071.0000000002AE0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AE0000
|
| Size: |
4096
|
|
|
476B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1168466105.000000000476B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
476B000
|
| Size: |
8192
|
|
|
4426000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163663238.0000000004426000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4426000
|
| Size: |
8192
|
|
|
48CC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1171902522.00000000048CC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48CC000
|
| Size: |
8192
|
|
|
55E8000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1397521759.00000000055E8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55E8000
|
| Size: |
12288
|
|
|
34ECD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3426325729.0000000034ECD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
34ECD000
|
| Size: |
12288
|
|
|
3384000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1389230761.0000000003384000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3384000
|
| Size: |
8192
|
|
|
2C3A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1162158776.0000000002C3A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C3A000
|
| Size: |
143360
|
|
|
47F6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1169479603.00000000047F6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
47F6000
|
| Size: |
12288
|
|
|
3864000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1402165478.0000000003864000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3864000
|
| Size: |
278528
|
|
|
4831000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1170292692.0000000004831000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4831000
|
| Size: |
12288
|
|
|
46A8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1167516334.00000000046A8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
46A8000
|
| Size: |
12288
|
|
|
55EF000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1398381362.00000000055EF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55EF000
|
| Size: |
16384
|
|
|
2D00000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1162830857.0000000002D00000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2D00000
|
| Size: |
4096
|
|
|
47EB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1169479603.00000000047EB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
47EB000
|
| Size: |
12288
|
|
|
55F6000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1398475668.00000000055F6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55F6000
|
| Size: |
4096
|
|
|
3864000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1401675341.0000000003864000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3864000
|
| Size: |
278528
|
|
|
33FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000D.00000002.1389764337.00000000033FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
13
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
33FF000
|
| Size: |
4096
|
|
|
2ACB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1156415071.0000000002ACB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2ACB000
|
| Size: |
12288
|
|
|
4634000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1166657534.0000000004634000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4634000
|
| Size: |
8192
|
|
|
461D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1166657534.000000000461D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
461D000
|
| Size: |
12288
|
|
|
444D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163990850.000000000444D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
444D000
|
| Size: |
12288
|
|
|
475F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1168466105.000000000475F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
475F000
|
| Size: |
12288
|
|
|
465F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1167061622.000000000465F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
465F000
|
| Size: |
12288
|
|
|
29C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152726544.00000000029C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29C4000
|
| Size: |
12288
|
|
|
44A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1164427507.00000000044A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
44A0000
|
| Size: |
12288
|
|
|
336D000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1403682947.000000000336D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
336D000
|
| Size: |
12288
|
|
|
4964000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1173282049.0000000004964000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4964000
|
| Size: |
12288
|
|
|
3843000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1401585529.0000000003843000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3843000
|
| Size: |
413696
|
|
|
49F3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1174466859.00000000049F3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
49F3000
|
| Size: |
12288
|
|
|
4840000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1170292692.0000000004840000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4840000
|
| Size: |
8192
|
|
|
2C26000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161759693.0000000002C26000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C26000
|
| Size: |
12288
|
|
|
55E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1399066700.00000000055E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55E0000
|
| Size: |
12288
|
|
|
4B2E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1177143790.0000000004B2E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B2E000
|
| Size: |
12288
|
|
|
4758000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1168466105.0000000004758000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4758000
|
| Size: |
8192
|
|
|
467D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1167061622.000000000467D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
467D000
|
| Size: |
12288
|
|
|
4848000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1170292692.0000000004848000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4848000
|
| Size: |
8192
|
|
|
48A2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1171902522.00000000048A2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48A2000
|
| Size: |
12288
|
|
|
3842000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1396106079.0000000003842000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3842000
|
| Size: |
4096
|
|
|
43B8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163335142.00000000043B8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
43B8000
|
| Size: |
12288
|
|
|
2210000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152490027.0000000002210000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2210000
|
| Size: |
8192
|
|
|
788000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1150883675.0000000000788000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
788000
|
| Size: |
45056
|
|
|
55EF000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1402387511.00000000055EF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55EF000
|
| Size: |
8192
|
|
|
4653000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1167061622.0000000004653000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4653000
|
| Size: |
12288
|
|
|
57D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1396030997.00000000057D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
57D0000
|
| Size: |
4096
|
|
|
35A66000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3426788396.0000000035A66000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
35A66000
|
| Size: |
8192
|
|
|
4B41000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1177143790.0000000004B41000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B41000
|
| Size: |
12288
|
|
|
441E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163663238.000000000441E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
441E000
|
| Size: |
12288
|
|
|
4416000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163663238.0000000004416000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4416000
|
| Size: |
12288
|
|
|
4B32000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1177143790.0000000004B32000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B32000
|
| Size: |
12288
|
|
|
4AEC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1176665625.0000000004AEC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4AEC000
|
| Size: |
12288
|
|
|
4AC9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1381737627.0000000004AC9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4AC9000
|
| Size: |
4096
|
|
|
2C31000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161759693.0000000002C31000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C31000
|
| Size: |
12288
|
|
|
353F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3426478753.00000000353F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
353F0000
|
| Size: |
4096
|
|
|
49D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3407915507.00000000049D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
49D0000
|
| Size: |
28672
|
|
|
2D40000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1162905006.0000000002D40000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2D40000
|
| Size: |
4096
|
|
|
10001000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000000.00000002.1192065625.0000000010001000.00000020.00000001.01000000.00000006.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
10001000
|
| Size: |
8192
|
|
|
4785000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1168466105.0000000004785000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4785000
|
| Size: |
12288
|
|
|
4B3A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1177143790.0000000004B3A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B3A000
|
| Size: |
8192
|
|
|
2ACF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1156415071.0000000002ACF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2ACF000
|
| Size: |
12288
|
|
|
776000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1150883675.0000000000776000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
776000
|
| Size: |
4096
|
|
|
4AC8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1379578136.0000000004AC8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4AC8000
|
| Size: |
8192
|
|
|
3536A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1404906439.000000003536A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3536A000
|
| Size: |
4096
|
|
|
29E7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152726544.00000000029E7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29E7000
|
| Size: |
4096
|
|
|
44D5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1164427507.00000000044D5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
44D5000
|
| Size: |
12288
|
|
|
43D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163663238.00000000043D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
43D4000
|
| Size: |
143360
|
|
|
4A63000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1175015639.0000000004A63000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A63000
|
| Size: |
12288
|
|
|
3385000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1395487773.0000000003385000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3385000
|
| Size: |
4096
|
|
|
496D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1173282049.000000000496D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
496D000
|
| Size: |
4096
|
|
|
434000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1150604501.0000000000434000.00000004.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
434000
|
| Size: |
8192
|
|
|
2BA2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161445884.0000000002BA2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2BA2000
|
| Size: |
8192
|
|
|
98000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1150521388.0000000000098000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
98000
|
| Size: |
32768
|
|
|
4A54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1175015639.0000000004A54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A54000
|
| Size: |
12288
|
|
|
23BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152593479.00000000023BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
23BE000
|
| Size: |
8192
|
|
|
46F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1390330821.00000000046F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
46F0000
|
| Size: |
8192
|
|
|
3813000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1393769379.0000000003813000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3813000
|
| Size: |
126976
|
|
|
3842000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1399234496.0000000003842000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3842000
|
| Size: |
4096
|
|
|
35A06000
|
unclassified section
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3426646768.0000000035A06000.00000040.10000000.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unclassified section
|
| Protect: |
page execute and read and write
|
| Base address: |
35A06000
|
| Size: |
8192
|
|
|
2A53000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152726544.0000000002A53000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A53000
|
| Size: |
12288
|
|
|
3842000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1399090081.0000000003842000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3842000
|
| Size: |
4096
|
|
|
37D9000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1399118424.00000000037D9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
37D9000
|
| Size: |
184320
|
|
|
488A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1171227459.000000000488A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
488A000
|
| Size: |
8192
|
|
|
332E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1403623638.000000000332E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
332E000
|
| Size: |
8192
|
|
|
44BE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1164427507.00000000044BE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
44BE000
|
| Size: |
12288
|
|
|
4442000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163990850.0000000004442000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4442000
|
| Size: |
8192
|
|
|
4992000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1173282049.0000000004992000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4992000
|
| Size: |
8192
|
|
|
3842000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1399704533.0000000003842000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3842000
|
| Size: |
151552
|
|
|
4B03000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1176665625.0000000004B03000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B03000
|
| Size: |
12288
|
|
|
43F8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163663238.00000000043F8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
43F8000
|
| Size: |
4096
|
|
|
55EF000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1401001877.00000000055EF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55EF000
|
| Size: |
61440
|
|
|
3030000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000D.00000002.1389423931.0000000003030000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
13
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3030000
|
| Size: |
4096
|
|
|
37ED000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1399234496.00000000037ED000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
37ED000
|
| Size: |
102400
|
|
|
4B60000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1177143790.0000000004B60000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B60000
|
| Size: |
8192
|
|
|
55D9000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1394542311.00000000055D9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55D9000
|
| Size: |
20480
|
|
|
A6E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1390101089.0000000000A6E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A6E000
|
| Size: |
8192
|
|
|
A84000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1389425177.0000000000A84000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A84000
|
| Size: |
4096
|
|
|
460E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1166657534.000000000460E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
460E000
|
| Size: |
8192
|
|
|
4517000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1164914504.0000000004517000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4517000
|
| Size: |
12288
|
|
|
44CA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1164427507.00000000044CA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
44CA000
|
| Size: |
8192
|
|
|
4825000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1170292692.0000000004825000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4825000
|
| Size: |
12288
|
|
|
2AC8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1156415071.0000000002AC8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AC8000
|
| Size: |
8192
|
|
|
43FC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163663238.00000000043FC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
43FC000
|
| Size: |
12288
|
|
|
49C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3407896963.00000000049C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
49C0000
|
| Size: |
8192
|
|
|
4381000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163004823.0000000004381000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4381000
|
| Size: |
12288
|
|
|
4B7C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1177742193.0000000004B7C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B7C000
|
| Size: |
8192
|
|
|
49B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3407875894.00000000049B0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
49B0000
|
| Size: |
4096
|
|
|
3864000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1401860358.0000000003864000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3864000
|
| Size: |
278528
|
|
|
2A5F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152726544.0000000002A5F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A5F000
|
| Size: |
4096
|
|
|
436C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163004823.000000000436C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
436C000
|
| Size: |
4096
|
|
|
354B6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1403656979.00000000354B6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
354B6000
|
| Size: |
8192
|
|
|
37E8000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1393425548.00000000037E8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
37E8000
|
| Size: |
102400
|
|
|
55EF000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1399807093.00000000055EF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55EF000
|
| Size: |
61440
|
|
|
55FE000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1399536912.00000000055FE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55FE000
|
| Size: |
45056
|
|
|
839000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1150883675.0000000000839000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
839000
|
| Size: |
24576
|
|
|
2C66000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1162158776.0000000002C66000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C66000
|
| Size: |
8192
|
|
|
4B07000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1176665625.0000000004B07000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B07000
|
| Size: |
12288
|
|
|
4363000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163004823.0000000004363000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4363000
|
| Size: |
12288
|
|
|
4628000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1166657534.0000000004628000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4628000
|
| Size: |
12288
|
|
|
4638000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1166657534.0000000004638000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4638000
|
| Size: |
8192
|
|
|
2C79000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1162158776.0000000002C79000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C79000
|
| Size: |
8192
|
|
|
29DC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152726544.00000000029DC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29DC000
|
| Size: |
8192
|
|
|
2A2B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152726544.0000000002A2B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A2B000
|
| Size: |
4096
|
|
|
359C000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000D.00000003.1389073664.000000000359C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
13
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
359C000
|
| Size: |
4096
|
|
|
1835000
|
remote allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3403586700.0000000001835000.00000040.00000400.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
remote allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
1835000
|
| Size: |
10485760
|
|
|
47EF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1169479603.00000000047EF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
47EF000
|
| Size: |
12288
|
|
|
4557000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1165258872.0000000004557000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4557000
|
| Size: |
12288
|
|
|
4B0B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1176665625.0000000004B0B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B0B000
|
| Size: |
8192
|
|
|
4860000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1171227459.0000000004860000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4860000
|
| Size: |
12288
|
|
|
439E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163335142.000000000439E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
439E000
|
| Size: |
8192
|
|
|
4999000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1173282049.0000000004999000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4999000
|
| Size: |
12288
|
|
|
4B25000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1176665625.0000000004B25000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B25000
|
| Size: |
12288
|
|
|
55EC000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1398165481.00000000055EC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55EC000
|
| Size: |
4096
|
|
|
4A03000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1174466859.0000000004A03000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A03000
|
| Size: |
8192
|
|
|
2F8D000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1389569133.0000000002F8D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2F8D000
|
| Size: |
4096
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
5602000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1396218594.0000000005602000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5602000
|
| Size: |
4096
|
|
|
48B9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1171902522.00000000048B9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48B9000
|
| Size: |
8192
|
|
|
2A30000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152726544.0000000002A30000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A30000
|
| Size: |
8192
|
|
|
2C2F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161759693.0000000002C2F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C2F000
|
| Size: |
4096
|
|
|
55F2000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1402500171.00000000055F2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55F2000
|
| Size: |
49152
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| SQL strings found in memory and binary data |
System Summary |
|
|
|
2B6A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161093220.0000000002B6A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B6A000
|
| Size: |
12288
|
|
|
456A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1165258872.000000000456A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
456A000
|
| Size: |
12288
|
|
|
55DF000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1397663736.00000000055DF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55DF000
|
| Size: |
36864
|
|
|
A84000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1389172207.0000000000A84000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A84000
|
| Size: |
4096
|
|
|
4806000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1169479603.0000000004806000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4806000
|
| Size: |
8192
|
|
|
3843000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1401291620.0000000003843000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3843000
|
| Size: |
413696
|
|
|
400000
|
system
|
page execute and read and write
|
|
|
|
| Name: |
0000000D.00000002.1389232886.0000000000400000.00000040.80000000.00040000.00000000.sdmp
|
| TargetID: |
13
|
| Dumpstage: |
process exit
|
| Regiontype: |
system
|
| Protect: |
page execute and read and write
|
| Base address: |
400000
|
| Size: |
344064
|
|
|
2C35000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161759693.0000000002C35000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C35000
|
| Size: |
12288
|
|
|
354C9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1403951735.00000000354C9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
354C9000
|
| Size: |
4096
|
|
|
4460000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163990850.0000000004460000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4460000
|
| Size: |
12288
|
|
|
2BF8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161759693.0000000002BF8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2BF8000
|
| Size: |
12288
|
|
|
401000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000002.00000000.1143399285.0000000000401000.00000020.00000001.01000000.00000003.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
401000
|
| Size: |
24576
|
|
|
2D8C000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000D.00000002.1389359385.0000000002D8C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
13
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2D8C000
|
| Size: |
16384
|
|
|
3370000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1403717336.0000000003370000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3370000
|
| Size: |
4096
|
|
|
19A000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1150541486.000000000019A000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
19A000
|
| Size: |
24576
|
|
|
57D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1396072676.00000000057D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
57D0000
|
| Size: |
4096
|
|
|
4B16000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1176665625.0000000004B16000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B16000
|
| Size: |
12288
|
|
|
486B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1171227459.000000000486B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
486B000
|
| Size: |
12288
|
|
|
2BC8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161445884.0000000002BC8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2BC8000
|
| Size: |
8192
|
|
|
448000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000002.1150747884.0000000000448000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
448000
|
| Size: |
180224
|
|
|
55DB000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1389034096.00000000055DB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55DB000
|
| Size: |
1077248
|
|
|
29F4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152726544.00000000029F4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29F4000
|
| Size: |
20480
|
|
|
38F9000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1402819004.00000000038F9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
38F9000
|
| Size: |
4096
|
|
|
4B40000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1390353225.0000000004B40000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B40000
|
| Size: |
4096
|
|
|
4960000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1173282049.0000000004960000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4960000
|
| Size: |
12288
|
|
|
2ADB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1156415071.0000000002ADB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2ADB000
|
| Size: |
8192
|
|
|
4AF8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1176665625.0000000004AF8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4AF8000
|
| Size: |
8192
|
|
|
46D7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1168002861.00000000046D7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
46D7000
|
| Size: |
12288
|
|
|
4763000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1168466105.0000000004763000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4763000
|
| Size: |
12288
|
|
|
44CD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1164427507.00000000044CD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
44CD000
|
| Size: |
12288
|
|
|
2DCC000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000D.00000002.1389393236.0000000002DCC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
13
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2DCC000
|
| Size: |
16384
|
|
|
55EF000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1397069922.00000000055EF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55EF000
|
| Size: |
126976
|
|
|
4566000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1165258872.0000000004566000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4566000
|
| Size: |
12288
|
|
|
4939000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1172576903.0000000004939000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4939000
|
| Size: |
12288
|
|
|
35A20000
|
unclassified section
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3426725017.0000000035A20000.00000040.10000000.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unclassified section
|
| Protect: |
page execute and read and write
|
| Base address: |
35A20000
|
| Size: |
106496
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Found strings which match to known social media urls |
Networking |
|
| URLs found in memory or binary data |
Networking |
|
|
|
448000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000002.3403480399.0000000000448000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
448000
|
| Size: |
180224
|
|
|
2BB1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161445884.0000000002BB1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2BB1000
|
| Size: |
12288
|
|
|
6EA5000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1178228311.0000000006EA5000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
6EA5000
|
| Size: |
10485760
|
|
|
476E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1168466105.000000000476E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
476E000
|
| Size: |
12288
|
|
|
A84000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1389276975.0000000000A84000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A84000
|
| Size: |
4096
|
|
|
A84000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1389673285.0000000000A84000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A84000
|
| Size: |
4096
|
|
|
37D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1394441308.00000000037D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
37D1000
|
| Size: |
24576
|
|
|
4611000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1166657534.0000000004611000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4611000
|
| Size: |
12288
|
|
|
4615000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1166657534.0000000004615000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4615000
|
| Size: |
12288
|
|
|
3536B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1379510513.000000003536B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3536B000
|
| Size: |
98304
|
|
|
4AB9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1175720328.0000000004AB9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4AB9000
|
| Size: |
12288
|
|
|
4389000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163004823.0000000004389000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4389000
|
| Size: |
12288
|
|
|
4767000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1168466105.0000000004767000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4767000
|
| Size: |
12288
|
|
|
4586000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1165924862.0000000004586000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4586000
|
| Size: |
12288
|
|
|
37E6000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1393582065.00000000037E6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
37E6000
|
| Size: |
86016
|
|
|
55D8000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1396468931.00000000055D8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55D8000
|
| Size: |
49152
|
|
|
44E2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1164914504.00000000044E2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
44E2000
|
| Size: |
12288
|
|
|
3504E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3426402376.000000003504E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3504E000
|
| Size: |
8192
|
|
|
4ACC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1175720328.0000000004ACC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4ACC000
|
| Size: |
12288
|
|
|
2B3B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1156883734.0000000002B3B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B3B000
|
| Size: |
4096
|
|
|
4582000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1165924862.0000000004582000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4582000
|
| Size: |
12288
|
|
|
3843000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1400606141.0000000003843000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3843000
|
| Size: |
425984
|
|
|
34B4F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3426244142.0000000034B4F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
34B4F000
|
| Size: |
4096
|
|
|
4B9A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1177742193.0000000004B9A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B9A000
|
| Size: |
4096
|
|
|
55D5000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1401001877.00000000055D5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55D5000
|
| Size: |
4096
|
|
|
354B4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3426509026.00000000354B4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
354B4000
|
| Size: |
4096
|
|
|
3815000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1399978439.0000000003815000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3815000
|
| Size: |
135168
|
|
|
46FA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1168002861.00000000046FA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
46FA000
|
| Size: |
8192
|
|
|
4A87000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1403999564.0000000004A87000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A87000
|
| Size: |
32768
|
|
|
37D9000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1394344713.00000000037D9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
37D9000
|
| Size: |
24576
|
|
|
55FE000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1399199068.00000000055FE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55FE000
|
| Size: |
135168
|
|
|
4A06000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1174466859.0000000004A06000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A06000
|
| Size: |
12288
|
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1150604501.000000000042B000.00000004.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
42B000
|
| Size: |
12288
|
|
|
2A74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152726544.0000000002A74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A74000
|
| Size: |
8192
|
|
|
3384000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1395280785.0000000003384000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3384000
|
| Size: |
8192
|
|
|
4882000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1171227459.0000000004882000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4882000
|
| Size: |
12288
|
|
|
46EA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1168002861.00000000046EA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
46EA000
|
| Size: |
12288
|
|
|
4A21000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1174466859.0000000004A21000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A21000
|
| Size: |
12288
|
|
|
55D5000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1401499279.00000000055D5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55D5000
|
| Size: |
98304
|
|
|
37FE000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1393672203.00000000037FE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
37FE000
|
| Size: |
73728
|
|
|
446C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163990850.000000000446C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
446C000
|
| Size: |
8192
|
|
|
49D8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1173762868.00000000049D8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
49D8000
|
| Size: |
8192
|
|
|
4B8B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1177742193.0000000004B8B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B8B000
|
| Size: |
12288
|
|
|
49E8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1174466859.00000000049E8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
49E8000
|
| Size: |
12288
|
|
|
401000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000002.00000002.3403270689.0000000000401000.00000020.00000001.01000000.00000003.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
401000
|
| Size: |
24576
|
|
|
4822000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1170292692.0000000004822000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4822000
|
| Size: |
8192
|
|
|
6FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1150851650.00000000006FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6FF000
|
| Size: |
4096
|
|
|
4B4D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1177143790.0000000004B4D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B4D000
|
| Size: |
8192
|
|
|
7C9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1150883675.00000000007C9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7C9000
|
| Size: |
4096
|
|
|
5171000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1389194162.0000000005171000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5171000
|
| Size: |
65536
|
|
|
2CBE000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1390187517.0000000002CBE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2CBE000
|
| Size: |
16384
|
|
|
55DB000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1398867798.00000000055DB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55DB000
|
| Size: |
20480
|
|
|
38B0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1396779522.00000000038B0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38B0000
|
| Size: |
167936
|
|
|
4ABF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1175720328.0000000004ABF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4ABF000
|
| Size: |
4096
|
|
|
4705000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1168002861.0000000004705000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4705000
|
| Size: |
12288
|
|
|
55DB000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1399147595.00000000055DB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55DB000
|
| Size: |
20480
|
|
|
79A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.930999626.000000000079A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79A000
|
| Size: |
114688
|
|
|
456E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1165258872.000000000456E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
456E000
|
| Size: |
8192
|
|
|
477A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1168466105.000000000477A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
477A000
|
| Size: |
12288
|
|
|
2D20000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1162867737.0000000002D20000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2D20000
|
| Size: |
8192
|
|
|
46CC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1168002861.00000000046CC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
46CC000
|
| Size: |
12288
|
|
|
2AEF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1156415071.0000000002AEF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AEF000
|
| Size: |
4096
|
|
|
37D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1402787480.00000000037D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
37D0000
|
| Size: |
4096
|
|
|
55DB000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1399737344.00000000055DB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55DB000
|
| Size: |
73728
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| SQL strings found in memory and binary data |
System Summary |
|
|
|
4A2E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3407915507.0000000004A2E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A2E000
|
| Size: |
12288
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
4802000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1169479603.0000000004802000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4802000
|
| Size: |
12288
|
|
|
A10000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1390061779.0000000000A10000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A10000
|
| Size: |
4096
|
|
|
43D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163335142.00000000043D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
43D0000
|
| Size: |
8192
|
|
|
43A1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163335142.00000000043A1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
43A1000
|
| Size: |
12288
|
|
|
474000
|
system
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.1403101314.0000000000474000.00000040.80000000.00040000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
system
|
| Protect: |
page execute and read and write
|
| Base address: |
474000
|
| Size: |
36864
|
|
|
4B1E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1176665625.0000000004B1E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B1E000
|
| Size: |
8192
|
|
|
44C6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1164427507.00000000044C6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
44C6000
|
| Size: |
12288
|
|
|
A84000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1389151328.0000000000A84000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A84000
|
| Size: |
4096
|
|
|
459D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1165924862.000000000459D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
459D000
|
| Size: |
8192
|
|
|
55E3000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1398534802.00000000055E3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55E3000
|
| Size: |
40960
|
|
|
5602000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1399283866.0000000005602000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5602000
|
| Size: |
118784
|
|
|
354B9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3426509026.00000000354B9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
354B9000
|
| Size: |
16384
|
|
|
37E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1394673847.00000000037E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
37E0000
|
| Size: |
397312
|
|
|
2B79000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161093220.0000000002B79000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B79000
|
| Size: |
12288
|
|
|
46DF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1168002861.00000000046DF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
46DF000
|
| Size: |
12288
|
|
|
2BA5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161445884.0000000002BA5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2BA5000
|
| Size: |
12288
|
|
|
4A96000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3408066135.0000000004A96000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A96000
|
| Size: |
40960
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the Windows Explorer process (often used for injection) |
HIPS / PFW / Operating System Protection Evasion |
|
| URLs found in memory or binary data |
Networking |
|
|
|
49A6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1173762868.00000000049A6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
49A6000
|
| Size: |
12288
|
|
|
6600000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3408192703.0000000006600000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
6600000
|
| Size: |
4096
|
|
|
37F1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1393641360.00000000037F1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
37F1000
|
| Size: |
110592
|
|
|
485C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1171227459.000000000485C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
485C000
|
| Size: |
12288
|
|
|
4886000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1171227459.0000000004886000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4886000
|
| Size: |
12288
|
|
|
55D8000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1396529997.00000000055D8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55D8000
|
| Size: |
49152
|
|
|
5EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1150822050.00000000005EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5EE000
|
| Size: |
8192
|
|
|
4B83000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1177742193.0000000004B83000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B83000
|
| Size: |
12288
|
|
|
38FE000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1404367476.00000000038FE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
38FE000
|
| Size: |
4096
|
|
|
4624000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1166657534.0000000004624000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4624000
|
| Size: |
12288
|
|
|
4A19000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1174466859.0000000004A19000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A19000
|
| Size: |
12288
|
|
|
498E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1173282049.000000000498E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
498E000
|
| Size: |
12288
|
|
|
2474000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152660510.0000000002474000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2474000
|
| Size: |
8192
|
|
|
4354000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163004823.0000000004354000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4354000
|
| Size: |
12288
|
|
|
49DB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1173762868.00000000049DB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
49DB000
|
| Size: |
12288
|
|
|
2BBC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161445884.0000000002BBC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2BBC000
|
| Size: |
12288
|
|
|
439A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163335142.000000000439A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
439A000
|
| Size: |
12288
|
|
|
2C0B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161759693.0000000002C0B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C0B000
|
| Size: |
12288
|
|
|
2B5F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161093220.0000000002B5F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B5F000
|
| Size: |
12288
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1166657534.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
8192
|
|
|
3384000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1395408746.0000000003384000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3384000
|
| Size: |
8192
|
|
|
2AD8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1156415071.0000000002AD8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AD8000
|
| Size: |
4096
|
|
|
4A98000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1364860257.0000000004A98000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A98000
|
| Size: |
36864
|
|
|
55D9000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1394301918.00000000055D9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55D9000
|
| Size: |
380928
|
|
|
4A4B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1292323361.0000000004A4B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A4B000
|
| Size: |
4096
|
|
|
46D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1168002861.00000000046D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
46D4000
|
| Size: |
8192
|
|
|
48AD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1171902522.00000000048AD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48AD000
|
| Size: |
12288
|
|
|
2CA8000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1390187517.0000000002CA8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2CA8000
|
| Size: |
65536
|
|
|
37FA000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1393730457.00000000037FA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
37FA000
|
| Size: |
212992
|
|
|
4619000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1166657534.0000000004619000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4619000
|
| Size: |
12288
|
|
|
4650000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1167061622.0000000004650000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4650000
|
| Size: |
8192
|
|
|
4644000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1167061622.0000000004644000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4644000
|
| Size: |
12288
|
|
|
5602000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1396412829.0000000005602000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5602000
|
| Size: |
4096
|
|
|
4B74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1177742193.0000000004B74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B74000
|
| Size: |
12288
|
|
|
499D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1173282049.000000000499D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
499D000
|
| Size: |
12288
|
|
|
45A8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1165924862.00000000045A8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45A8000
|
| Size: |
12288
|
|
|
2B5B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161093220.0000000002B5B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B5B000
|
| Size: |
12288
|
|
|
4A48000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1175015639.0000000004A48000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A48000
|
| Size: |
12288
|
|
|
354B9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1403656979.00000000354B9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
354B9000
|
| Size: |
16384
|
|
|
2B53000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161093220.0000000002B53000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B53000
|
| Size: |
12288
|
|
|
4510000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1164914504.0000000004510000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4510000
|
| Size: |
8192
|
|
|
2B63000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161093220.0000000002B63000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B63000
|
| Size: |
8192
|
|
|
37E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1396106079.00000000037E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
37E0000
|
| Size: |
397312
|
|
|
49BD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1173762868.00000000049BD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
49BD000
|
| Size: |
12288
|
|
|
A84000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1389208131.0000000000A84000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A84000
|
| Size: |
4096
|
|
|
359C000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000D.00000003.1387903078.000000000359C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
13
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
359C000
|
| Size: |
4096
|
|
|
44F9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1164914504.00000000044F9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
44F9000
|
| Size: |
8192
|
|
|
55EC000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1396529997.00000000055EC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55EC000
|
| Size: |
4096
|
|
|
4B21000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1176665625.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B21000
|
| Size: |
12288
|
|
|
409000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1150604501.0000000000409000.00000004.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
409000
|
| Size: |
135168
|
|
|
2C2A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161759693.0000000002C2A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C2A000
|
| Size: |
8192
|
|
|
A84000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1389697891.0000000000A84000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A84000
|
| Size: |
4096
|
|
|
33E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1403898486.00000000033E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
33E0000
|
| Size: |
24576
|
|
|
44C2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1164427507.00000000044C2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
44C2000
|
| Size: |
12288
|
|
|
48B5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1171902522.00000000048B5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48B5000
|
| Size: |
12288
|
|
|
38F7000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1402819004.00000000038F7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
38F7000
|
| Size: |
4096
|
|
|
4A12000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1174466859.0000000004A12000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A12000
|
| Size: |
12288
|
|
|
4ADC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1175720328.0000000004ADC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4ADC000
|
| Size: |
8192
|
|
|
37B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1404154483.00000000037B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
37B0000
|
| Size: |
4096
|
|
|
55F1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1399403733.00000000055F1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55F1000
|
| Size: |
53248
|
|
|
48AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3407833977.00000000048AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
48AE000
|
| Size: |
8192
|
|
|
3384000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1395135328.0000000003384000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3384000
|
| Size: |
8192
|
|
|
44E9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1164914504.00000000044E9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
44E9000
|
| Size: |
12288
|
|
|
4AC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1404235530.0000000004AC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4AC1000
|
| Size: |
20480
|
|
|
47E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1169479603.00000000047E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
47E0000
|
| Size: |
8192
|
|
|
4A0A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1174466859.0000000004A0A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A0A000
|
| Size: |
12288
|
|
|
3208000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000D.00000002.1389655232.0000000003208000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
13
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3208000
|
| Size: |
77824
|
|
|
7AB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1150883675.00000000007AB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7AB000
|
| Size: |
12288
|
|
|
5616000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1398017795.0000000005616000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5616000
|
| Size: |
106496
|
|
|
2D50000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1162924426.0000000002D50000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2D50000
|
| Size: |
4096
|
|
|
2AF7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1156415071.0000000002AF7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AF7000
|
| Size: |
4096
|
|
|
400000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000002.3403176299.0000000000400000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
400000
|
| Size: |
4096
|
|
|
4663000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1167061622.0000000004663000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4663000
|
| Size: |
8192
|
|
|
560E000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1397894864.000000000560E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
560E000
|
| Size: |
114688
|
|
|
326F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1403335171.000000000326F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
326F000
|
| Size: |
8192
|
|
|
29EF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152726544.00000000029EF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29EF000
|
| Size: |
8192
|
|
|
484C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1170292692.000000000484C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
484C000
|
| Size: |
8192
|
|
|
2C93000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1162158776.0000000002C93000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C93000
|
| Size: |
12288
|
|
|
2C5E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1162158776.0000000002C5E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C5E000
|
| Size: |
12288
|
|
|
401000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000000.00000002.1150574128.0000000000401000.00000020.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
401000
|
| Size: |
24576
|
|
|
32E0000
|
heap
|
page readonly
|
|
|
|
| Name: |
0000000B.00000002.1403579413.00000000032E0000.00000002.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page readonly
|
| Base address: |
32E0000
|
| Size: |
4096
|
|
|
4350000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163004823.0000000004350000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4350000
|
| Size: |
12288
|
|
|
4376000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163004823.0000000004376000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4376000
|
| Size: |
12288
|
|
|
456000
|
system
|
page execute and read and write
|
|
|
|
| Name: |
0000000D.00000002.1389232886.0000000000456000.00000040.80000000.00040000.00000000.sdmp
|
| TargetID: |
13
|
| Dumpstage: |
process exit
|
| Regiontype: |
system
|
| Protect: |
page execute and read and write
|
| Base address: |
456000
|
| Size: |
8192
|
|
|
4AC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1403999564.0000000004AC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4AC1000
|
| Size: |
20480
|
|
|
2A25000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152726544.0000000002A25000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A25000
|
| Size: |
4096
|
|
|
55DB000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1402387511.00000000055DB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55DB000
|
| Size: |
73728
|
|
|
55F2000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1404616419.00000000055F2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55F2000
|
| Size: |
49152
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| SQL strings found in memory and binary data |
System Summary |
|
|
|
3842000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1401376972.0000000003842000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3842000
|
| Size: |
417792
|
|
|
37E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1394441308.00000000037E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
37E0000
|
| Size: |
397312
|
|
|
55F6000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1398813544.00000000055F6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55F6000
|
| Size: |
196608
|
|
|
440F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163663238.000000000440F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
440F000
|
| Size: |
12288
|
|
|
2C1A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161759693.0000000002C1A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C1A000
|
| Size: |
12288
|
|
|
2BCB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161445884.0000000002BCB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2BCB000
|
| Size: |
12288
|
|
|
A0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1390038933.0000000000A0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A0E000
|
| Size: |
8192
|
|
|
A84000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1389120513.0000000000A84000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A84000
|
| Size: |
4096
|
|
|
34D3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3426265637.0000000034D3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
34D3E000
|
| Size: |
8192
|
|
|
48D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1171902522.00000000048D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48D0000
|
| Size: |
8192
|
|
|
A84000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1389084978.0000000000A84000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A84000
|
| Size: |
4096
|
|
|
354B6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1403203558.00000000354B6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
354B6000
|
| Size: |
8192
|
|
|
3843000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1402319486.0000000003843000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3843000
|
| Size: |
49152
|
|
|
4A86000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1320954546.0000000004A86000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A86000
|
| Size: |
32768
|
|
|
225E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152512030.000000000225E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
225E000
|
| Size: |
8192
|
|
|
3384000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1395250500.0000000003384000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3384000
|
| Size: |
8192
|
|
|
55EF000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1398534802.00000000055EF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55EF000
|
| Size: |
28672
|
|
|
47D8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1169479603.00000000047D8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
47D8000
|
| Size: |
12288
|
|
|
4A44000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1321014071.0000000004A44000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A44000
|
| Size: |
270336
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3514F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3426424800.000000003514F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3514F000
|
| Size: |
4096
|
|
|
4B7F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1177742193.0000000004B7F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B7F000
|
| Size: |
12288
|
|
|
35A0C000
|
unclassified section
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3426646768.0000000035A0C000.00000040.10000000.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unclassified section
|
| Protect: |
page execute and read and write
|
| Base address: |
35A0C000
|
| Size: |
24576
|
|
|
2B9A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161445884.0000000002B9A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B9A000
|
| Size: |
12288
|
|
|
44A4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1164427507.00000000044A4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
44A4000
|
| Size: |
8192
|
|
|
46E7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1168002861.00000000046E7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
46E7000
|
| Size: |
8192
|
|
|
354C9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1403656979.00000000354C9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
354C9000
|
| Size: |
4096
|
|
|
6680000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3408337043.0000000006680000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
6680000
|
| Size: |
4096
|
|
|
4A90000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1386619103.0000000004A90000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A90000
|
| Size: |
126976
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
| URLs found in memory or binary data |
Networking |
|
|
|
463F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1166657534.000000000463F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
463F000
|
| Size: |
12288
|
|
|
407000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000002.1150589744.0000000000407000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
407000
|
| Size: |
8192
|
|
|
560E000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1398017795.000000000560E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
560E000
|
| Size: |
24576
|
|
|
44ED000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1164914504.00000000044ED000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
44ED000
|
| Size: |
12288
|
|
|
3536B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1404439843.000000003536B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3536B000
|
| Size: |
192512
|
|
|
55DB000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1398991928.00000000055DB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55DB000
|
| Size: |
32768
|
|
|
2430000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152615613.0000000002430000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2430000
|
| Size: |
4096
|
|
|
492A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1172576903.000000000492A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
492A000
|
| Size: |
8192
|
|
|
41B000
|
system
|
page execute and read and write
|
|
|
|
| Name: |
0000000E.00000002.1389779049.000000000041B000.00000040.80000000.00040000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
system
|
| Protect: |
page execute and read and write
|
| Base address: |
41B000
|
| Size: |
36864
|
|
|
10012000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1192138612.0000000010012000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
10012000
|
| Size: |
4096
|
|
|
4A47000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1292223334.0000000004A47000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A47000
|
| Size: |
20480
|
|
|
4B50000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1177143790.0000000004B50000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B50000
|
| Size: |
12288
|
|
|
5AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1150806530.00000000005AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5AE000
|
| Size: |
8192
|
|
|
4696000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1167516334.0000000004696000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4696000
|
| Size: |
8192
|
|
|
50A5000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1178228311.00000000050A5000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
50A5000
|
| Size: |
10485760
|
|
|
464C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1167061622.000000000464C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
464C000
|
| Size: |
12288
|
|
|
352F1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1379595983.00000000352F1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
352F1000
|
| Size: |
12288
|
|
|
4571000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1165258872.0000000004571000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4571000
|
| Size: |
12288
|
|
|
2BBF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1390147033.0000000002BBF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2BBF000
|
| Size: |
4096
|
|
|
448000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.928729365.0000000000448000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
448000
|
| Size: |
180224
|
|
|
400000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.928619116.0000000000400000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
400000
|
| Size: |
4096
|
|
|
3564E000
|
unclassified section
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3426565955.000000003564E000.00000040.10000000.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unclassified section
|
| Protect: |
page execute and read and write
|
| Base address: |
3564E000
|
| Size: |
4096
|
|
|
2B7D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161093220.0000000002B7D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B7D000
|
| Size: |
12288
|
|
|
4367000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163004823.0000000004367000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4367000
|
| Size: |
12288
|
|
|
4968000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1173282049.0000000004968000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4968000
|
| Size: |
12288
|
|
|
55D8000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1397069922.00000000055D8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55D8000
|
| Size: |
77824
|
|
|
4A68000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1175680538.0000000004A68000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A68000
|
| Size: |
266240
|
|
|
2B48000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161093220.0000000002B48000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B48000
|
| Size: |
12288
|
|
|
4400000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163663238.0000000004400000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4400000
|
| Size: |
8192
|
|
|
55FE000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1402105515.00000000055FE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55FE000
|
| Size: |
274432
|
|
|
2CE0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1162791218.0000000002CE0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2CE0000
|
| Size: |
4096
|
|
|
4B41000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1388937046.0000000004B41000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B41000
|
| Size: |
233472
|
|
|
497B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1173282049.000000000497B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
497B000
|
| Size: |
12288
|
|
|
5171000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1402968503.0000000005171000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5171000
|
| Size: |
225280
|
|
|
4553000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1165258872.0000000004553000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4553000
|
| Size: |
12288
|
|
|
2A22000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152726544.0000000002A22000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A22000
|
| Size: |
4096
|
|
|
49D8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3407915507.00000000049D8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
49D8000
|
| Size: |
233472
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
| URLs found in memory or binary data |
Networking |
|
|
|
4A34000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3407915507.0000000004A34000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A34000
|
| Size: |
4096
|
|
|
34D00000
|
remote allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1288082388.0000000034D00000.00000004.00000400.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
remote allocation
|
| Protect: |
page read and write
|
| Base address: |
34D00000
|
| Size: |
4096
|
|
|
45B7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1165924862.00000000045B7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45B7000
|
| Size: |
12288
|
|
|
6620000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3408229356.0000000006620000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
6620000
|
| Size: |
4096
|
|
|
460A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1166657534.000000000460A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
460A000
|
| Size: |
8192
|
|
|
3384000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1395385445.0000000003384000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3384000
|
| Size: |
8192
|
|
|
2AC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1156415071.0000000002AC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AC0000
|
| Size: |
4096
|
|
|
38FA000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1402697836.00000000038FA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
38FA000
|
| Size: |
20480
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Found strings which match to known social media urls |
Networking |
|
|
|
2D30000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1162886074.0000000002D30000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2D30000
|
| Size: |
4096
|
|
|
4602000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1166657534.0000000004602000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4602000
|
| Size: |
12288
|
|
|
74E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1150883675.000000000074E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
74E000
|
| Size: |
159744
|
|
|
4449000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163990850.0000000004449000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4449000
|
| Size: |
12288
|
|
|
66C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3408388672.00000000066C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66C0000
|
| Size: |
8192
|
|
|
4940000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1172576903.0000000004940000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4940000
|
| Size: |
12288
|
|
|
2A18000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152726544.0000000002A18000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A18000
|
| Size: |
36864
|
|
|
2A3E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152726544.0000000002A3E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A3E000
|
| Size: |
4096
|
|
|
3384000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1395343379.0000000003384000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3384000
|
| Size: |
8192
|
|
|
49C8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1173762868.00000000049C8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
49C8000
|
| Size: |
12288
|
|
|
3536A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1379595983.000000003536A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3536A000
|
| Size: |
4096
|
|
|
4B78000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1177742193.0000000004B78000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B78000
|
| Size: |
12288
|
|
|
454F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1165258872.000000000454F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
454F000
|
| Size: |
12288
|
|
|
3842000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1402557197.0000000003842000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3842000
|
| Size: |
4096
|
|
|
4407000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163663238.0000000004407000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4407000
|
| Size: |
12288
|
|
|
3867000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1400662467.0000000003867000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3867000
|
| Size: |
278528
|
|
|
3539A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1403525548.000000003539A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3539A000
|
| Size: |
196608
|
|
|
44AF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1164427507.00000000044AF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
44AF000
|
| Size: |
12288
|
|
|
400000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000002.1150560183.0000000000400000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
400000
|
| Size: |
4096
|
|
|
3635000
|
remote allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3403586700.0000000003635000.00000040.00000400.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
remote allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
3635000
|
| Size: |
10485760
|
|
|
4A58000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1175015639.0000000004A58000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A58000
|
| Size: |
8192
|
|
|
55D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1398867798.00000000055D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55D1000
|
| Size: |
28672
|
|
|
4A87000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1384117752.0000000004A87000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A87000
|
| Size: |
32768
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| SQL strings found in memory and binary data |
System Summary |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
4540000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1165258872.0000000004540000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4540000
|
| Size: |
12288
|
|
|
2B76000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161093220.0000000002B76000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B76000
|
| Size: |
8192
|
|
|
2A77000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152726544.0000000002A77000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A77000
|
| Size: |
8192
|
|
|
4873000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1171227459.0000000004873000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4873000
|
| Size: |
12288
|
|
|
2235000
|
remote allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3403586700.0000000002235000.00000040.00000400.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
remote allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
2235000
|
| Size: |
10485760
|
|
|
4781000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1168466105.0000000004781000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4781000
|
| Size: |
12288
|
|
|
457E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1165924862.000000000457E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
457E000
|
| Size: |
12288
|
|
|
463B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1166657534.000000000463B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
463B000
|
| Size: |
12288
|
|
|
42F000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1150604501.000000000042F000.00000004.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
42F000
|
| Size: |
8192
|
|
|
7DB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1150883675.00000000007DB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7DB000
|
| Size: |
12288
|
|
|
44AB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1164427507.00000000044AB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
44AB000
|
| Size: |
12288
|
|
|
46AC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1167516334.00000000046AC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
46AC000
|
| Size: |
12288
|
|
|
3385000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1395830766.0000000003385000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3385000
|
| Size: |
4096
|
|
|
4478000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1164427507.0000000004478000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4478000
|
| Size: |
143360
|
|
|
2BCF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161445884.0000000002BCF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2BCF000
|
| Size: |
12288
|
|
|
4385000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163004823.0000000004385000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4385000
|
| Size: |
12288
|
|
|
2BC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161445884.0000000002BC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2BC0000
|
| Size: |
12288
|
|
|
3385000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1395467064.0000000003385000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3385000
|
| Size: |
4096
|
|
|
318E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000D.00000002.1389571793.000000000318E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
13
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
318E000
|
| Size: |
8192
|
|
|
55EC000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1397923055.00000000055EC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55EC000
|
| Size: |
4096
|
|
|
2F80000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1390285584.0000000002F80000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2F80000
|
| Size: |
12288
|
|
|
3384000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1395855363.0000000003384000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3384000
|
| Size: |
8192
|
|
|
46B4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1167516334.00000000046B4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
46B4000
|
| Size: |
12288
|
|
|
409000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000000.00000000.928700615.0000000000409000.00000008.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
409000
|
| Size: |
4096
|
|
|
4B1A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1176665625.0000000004B1A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B1A000
|
| Size: |
12288
|
|
|
55F1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1399867582.00000000055F1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55F1000
|
| Size: |
53248
|
|
|
9C0000
|
heap
|
page readonly
|
|
|
|
| Name: |
0000000E.00000002.1390013702.00000000009C0000.00000002.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page readonly
|
| Base address: |
9C0000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1169479603.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
12288
|
|
|
55D5000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1399147595.00000000055D5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55D5000
|
| Size: |
20480
|
|
|
45B4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1165924862.00000000045B4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45B4000
|
| Size: |
8192
|
|
|
2A5D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152726544.0000000002A5D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A5D000
|
| Size: |
4096
|
|
|
2CD0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1162770944.0000000002CD0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2CD0000
|
| Size: |
4096
|
|
|
2F83000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1389569133.0000000002F83000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2F83000
|
| Size: |
4096
|
|
|
354B9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1403203558.00000000354B9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
354B9000
|
| Size: |
16384
|
|
|
4657000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1167061622.0000000004657000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4657000
|
| Size: |
12288
|
|
|
55EF000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1396218594.00000000055EF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55EF000
|
| Size: |
16384
|
|
|
4AAA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1175720328.0000000004AAA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4AAA000
|
| Size: |
12288
|
|
|
48C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1171902522.00000000048C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48C4000
|
| Size: |
12288
|
|
|
78A5000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1178228311.00000000078A5000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
78A5000
|
| Size: |
8376320
|
|
|
3380000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1403752608.0000000003380000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3380000
|
| Size: |
16384
|
|
|
4B45000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1177143790.0000000004B45000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B45000
|
| Size: |
12288
|
|
|
481A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1170292692.000000000481A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
481A000
|
| Size: |
12288
|
|
|
4B58000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1177143790.0000000004B58000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B58000
|
| Size: |
12288
|
|
|
4464000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163990850.0000000004464000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4464000
|
| Size: |
12288
|
|
|
55FE000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1400741694.00000000055FE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55FE000
|
| Size: |
274432
|
|
|
323C000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1403294369.000000000323C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
323C000
|
| Size: |
16384
|
|
|
3536B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1381914962.000000003536B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3536B000
|
| Size: |
245760
|
|
|
10005000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000002.1192114354.0000000010005000.00000002.00000001.01000000.00000006.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
10005000
|
| Size: |
4096
|
|
|
55F1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1401560198.00000000055F1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55F1000
|
| Size: |
53248
|
|
|
4676000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1167061622.0000000004676000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4676000
|
| Size: |
8192
|
|
|
2A37000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152726544.0000000002A37000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A37000
|
| Size: |
8192
|
|
|
2C84000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1162158776.0000000002C84000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C84000
|
| Size: |
12288
|
|
|
494D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1172576903.000000000494D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
494D000
|
| Size: |
8192
|
|
|
55F1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1401249671.00000000055F1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55F1000
|
| Size: |
53248
|
|
|
354C9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1403203558.00000000354C9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
354C9000
|
| Size: |
20480
|
|
|
48BC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1171902522.00000000048BC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48BC000
|
| Size: |
12288
|
|
|
4789000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1168466105.0000000004789000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4789000
|
| Size: |
12288
|
|
|
4451000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163990850.0000000004451000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4451000
|
| Size: |
12288
|
|
|
37E6000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1393800690.00000000037E6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
37E6000
|
| Size: |
274432
|
|
|
65E0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3408156728.00000000065E0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
65E0000
|
| Size: |
4096
|
|
|
4B29000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1176665625.0000000004B29000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B29000
|
| Size: |
12288
|
|
|
3050000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000D.00000002.1389501144.0000000003050000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
13
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3050000
|
| Size: |
4096
|
|
|
55D9000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1394410726.00000000055D9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55D9000
|
| Size: |
12288
|
|
|
45B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1165924862.00000000045B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45B0000
|
| Size: |
8192
|
|
|
55D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1394947800.00000000055D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55D1000
|
| Size: |
32768
|
|
|
4A4E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1292223334.0000000004A4E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A4E000
|
| Size: |
229376
|
|
|
3384000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1395670955.0000000003384000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3384000
|
| Size: |
8192
|
|
|
55DB000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1401001877.00000000055DB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55DB000
|
| Size: |
73728
|
|
|
74A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1150883675.000000000074A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
74A000
|
| Size: |
12288
|
|
|
3864000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1401812718.0000000003864000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3864000
|
| Size: |
278528
|
|
|
33E8000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1403898486.00000000033E8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
33E8000
|
| Size: |
81920
|
|
|
451C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1165258872.000000000451C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
451C000
|
| Size: |
143360
|
|
|
4513000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1164914504.0000000004513000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4513000
|
| Size: |
12288
|
|
|
29C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152726544.00000000029C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29C0000
|
| Size: |
12288
|
|
|
4AC7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3408066135.0000000004AC7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4AC7000
|
| Size: |
12288
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
|
|
37D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1402165478.00000000037D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
37D1000
|
| Size: |
274432
|
|
|
2C0F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161759693.0000000002C0F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C0F000
|
| Size: |
12288
|
|
|
3590000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000D.00000002.1389818236.0000000003590000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
13
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3590000
|
| Size: |
12288
|
|
|
4A96000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1384094618.0000000004A96000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A96000
|
| Size: |
8192
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
A84000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1389301212.0000000000A84000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A84000
|
| Size: |
4096
|
|
|
2CF0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1162809837.0000000002CF0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2CF0000
|
| Size: |
4096
|
|
|
4396000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163335142.0000000004396000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4396000
|
| Size: |
12288
|
|
|
352F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3426460823.00000000352F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
352F0000
|
| Size: |
4096
|
|
|
4AF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1176665625.0000000004AF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4AF4000
|
| Size: |
12288
|
|
|
29E3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152726544.00000000029E3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29E3000
|
| Size: |
12288
|
|
|
55D9000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1393993918.00000000055D9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55D9000
|
| Size: |
241664
|
|
|
2C04000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161759693.0000000002C04000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C04000
|
| Size: |
8192
|
|
|
4935000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1172576903.0000000004935000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4935000
|
| Size: |
12288
|
|
|
48D7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1171902522.00000000048D7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48D7000
|
| Size: |
12288
|
|
|
38B0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1389303001.00000000038B0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38B0000
|
| Size: |
172032
|
|
|
29CC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152726544.00000000029CC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29CC000
|
| Size: |
8192
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1167061622.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
12288
|
|
|
455B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1165258872.000000000455B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
455B000
|
| Size: |
8192
|
|
|
2B0A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1156883734.0000000002B0A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B0A000
|
| Size: |
4096
|
|
|
37D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1402901595.00000000037D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
37D0000
|
| Size: |
4096
|
|
|
492D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1172576903.000000000492D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
492D000
|
| Size: |
12288
|
|
|
3843000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1401183047.0000000003843000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3843000
|
| Size: |
49152
|
|
|
4922000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1172576903.0000000004922000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4922000
|
| Size: |
12288
|
|
|
2F8D000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1389620511.0000000002F8D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2F8D000
|
| Size: |
4096
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
2D60000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1162943631.0000000002D60000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2D60000
|
| Size: |
4096
|
|
|
55D5000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1399737344.00000000055D5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55D5000
|
| Size: |
8192
|
|
|
2B6E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161093220.0000000002B6E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B6E000
|
| Size: |
12288
|
|
|
4A35000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1175015639.0000000004A35000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A35000
|
| Size: |
12288
|
|
|
4A5C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1175015639.0000000004A5C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A5C000
|
| Size: |
8192
|
|
|
4504000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1164914504.0000000004504000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4504000
|
| Size: |
12288
|
|
|
4422000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163663238.0000000004422000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4422000
|
| Size: |
12288
|
|
|
7E5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1150883675.00000000007E5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7E5000
|
| Size: |
12288
|
|
|
37E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1393928629.00000000037E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
37E1000
|
| Size: |
618496
|
|
|
4AA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1381737627.0000000004AA0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4AA0000
|
| Size: |
163840
|
|
|
2B02000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1156883734.0000000002B02000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B02000
|
| Size: |
12288
|
|
|
37D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1404208446.00000000037D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
37D0000
|
| Size: |
4096
|
|
|
37D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1402761014.00000000037D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
37D0000
|
| Size: |
4096
|
|
|
4666000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1167061622.0000000004666000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4666000
|
| Size: |
12288
|
|
|
A84000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1389391232.0000000000A84000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A84000
|
| Size: |
4096
|
|
|
37E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1394344713.00000000037E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
37E0000
|
| Size: |
397312
|
|
|
2A68000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152726544.0000000002A68000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A68000
|
| Size: |
45056
|
|
|
3256000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1403335171.0000000003256000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3256000
|
| Size: |
8192
|
|
|
477E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1168466105.000000000477E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
477E000
|
| Size: |
8192
|
|
|
409000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000002.00000002.3403425562.0000000000409000.00000008.00000001.01000000.00000003.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
409000
|
| Size: |
4096
|
|
|
55E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1398626942.00000000055E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55E0000
|
| Size: |
12288
|
|
|
2B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161093220.0000000002B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B81000
|
| Size: |
12288
|
|
|
49AA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1173762868.00000000049AA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
49AA000
|
| Size: |
12288
|
|
|
3272000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1403335171.0000000003272000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3272000
|
| Size: |
4096
|
|
|
48C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1171902522.00000000048C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48C0000
|
| Size: |
12288
|
|
|
4867000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1171227459.0000000004867000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4867000
|
| Size: |
12288
|
|
|
49F7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1174466859.00000000049F7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
49F7000
|
| Size: |
12288
|
|
|
482D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1170292692.000000000482D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
482D000
|
| Size: |
12288
|
|
|
57D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1395896205.00000000057D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
57D0000
|
| Size: |
4096
|
|
|
448000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1143471551.0000000000448000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
448000
|
| Size: |
180224
|
|
|
4DD0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000D.00000002.1389851260.0000000004DD0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
13
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DD0000
|
| Size: |
8192
|
|
|
34D00000
|
remote allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1288025070.0000000034D00000.00000004.00000400.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
remote allocation
|
| Protect: |
page read and write
|
| Base address: |
34D00000
|
| Size: |
4096
|
|
|
48DC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1172540478.00000000048DC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48DC000
|
| Size: |
266240
|
|
|
2C80000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1162158776.0000000002C80000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C80000
|
| Size: |
12288
|
|
|
46D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1168002861.00000000046D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
46D0000
|
| Size: |
12288
|
|
|
4AC5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1175720328.0000000004AC5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4AC5000
|
| Size: |
12288
|
|
|
4A86000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1292186631.0000000004A86000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A86000
|
| Size: |
12288
|
|
|
489A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1171902522.000000000489A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
489A000
|
| Size: |
12288
|
|
|
4816000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1170292692.0000000004816000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4816000
|
| Size: |
12288
|
|
|
2A5B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152726544.0000000002A5B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A5B000
|
| Size: |
4096
|
|
|
38FB000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1402819004.00000000038FB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
38FB000
|
| Size: |
16384
|
|
|
37D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1401998124.00000000037D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
37D1000
|
| Size: |
126976
|
|
|
48B1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1171902522.00000000048B1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48B1000
|
| Size: |
12288
|
|
|
4AE3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1175720328.0000000004AE3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4AE3000
|
| Size: |
12288
|
|
|
55EF000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1396529997.00000000055EF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55EF000
|
| Size: |
16384
|
|
|
449C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1164427507.000000000449C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
449C000
|
| Size: |
12288
|
|
|
5F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1150834928.00000000005F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F0000
|
| Size: |
24576
|
|
|
3384000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1395104783.0000000003384000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3384000
|
| Size: |
8192
|
|
|
468E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1167516334.000000000468E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
468E000
|
| Size: |
8192
|
|
|
4858000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1171227459.0000000004858000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4858000
|
| Size: |
12288
|
|
|
407000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.928686996.0000000000407000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
407000
|
| Size: |
8192
|
|
|
43C9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163335142.00000000043C9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
43C9000
|
| Size: |
4096
|
|
|
4708000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1389540339.0000000004708000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4708000
|
| Size: |
12288
|
|
|
6610000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3408212203.0000000006610000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
6610000
|
| Size: |
4096
|
|
|
2B39000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1156883734.0000000002B39000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B39000
|
| Size: |
4096
|
|
|
382D000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1394033885.000000000382D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
382D000
|
| Size: |
315392
|
|
|
4973000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1173282049.0000000004973000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4973000
|
| Size: |
12288
|
|
|
16E0000
|
remote allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3403586700.00000000016E0000.00000040.00000400.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
remote allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
16E0000
|
| Size: |
360448
|
|
|
4772000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1168466105.0000000004772000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4772000
|
| Size: |
12288
|
|
|
2A28000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152726544.0000000002A28000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A28000
|
| Size: |
4096
|
|
|
4562000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1165258872.0000000004562000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4562000
|
| Size: |
12288
|
|
|
7BF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1150883675.00000000007BF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7BF000
|
| Size: |
12288
|
|
|
465B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1167061622.000000000465B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
465B000
|
| Size: |
12288
|
|
|
55EB000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1396218594.00000000055EB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55EB000
|
| Size: |
8192
|
|
|
4606000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1166657534.0000000004606000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4606000
|
| Size: |
12288
|
|
|
2C88000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1162158776.0000000002C88000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C88000
|
| Size: |
12288
|
|
|
4429000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163663238.0000000004429000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4429000
|
| Size: |
12288
|
|
|
10000000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000002.1192040957.0000000010000000.00000002.00000001.01000000.00000006.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
10000000
|
| Size: |
4096
|
|
|
55FE000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1400323665.00000000055FE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55FE000
|
| Size: |
122880
|
|
|
37D5000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1394980099.00000000037D5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
37D5000
|
| Size: |
4096
|
|
|
47FE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1169479603.00000000047FE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
47FE000
|
| Size: |
12288
|
|
|
33FD000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1403898486.00000000033FD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
33FD000
|
| Size: |
40960
|
|
|
4864000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1171227459.0000000004864000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4864000
|
| Size: |
8192
|
|
|
446F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163990850.000000000446F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
446F000
|
| Size: |
12288
|
|
|
496F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1173282049.000000000496F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
496F000
|
| Size: |
12288
|
|
|
4A50000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1175015639.0000000004A50000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A50000
|
| Size: |
4096
|
|
|
2C6D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1162158776.0000000002C6D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C6D000
|
| Size: |
12288
|
|
|
440B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163663238.000000000440B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
440B000
|
| Size: |
12288
|
|
|
38FA000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1393553708.00000000038FA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
38FA000
|
| Size: |
20480
|
|
|
49FF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1174466859.00000000049FF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
49FF000
|
| Size: |
12288
|
|
|
4877000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1171227459.0000000004877000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4877000
|
| Size: |
8192
|
|
|
49D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1173762868.00000000049D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
49D4000
|
| Size: |
8192
|
|
|
A84000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1389362462.0000000000A84000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A84000
|
| Size: |
4096
|
|
|
3384000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1403046546.0000000003384000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3384000
|
| Size: |
8192
|
|
|
2440000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152631588.0000000002440000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2440000
|
| Size: |
4096
|
|
|
487A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1171227459.000000000487A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
487A000
|
| Size: |
12288
|
|
|
55D9000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1394100278.00000000055D9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55D9000
|
| Size: |
331776
|
|
|
3842000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1400914799.0000000003842000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3842000
|
| Size: |
53248
|
|
|
4A52000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1175015639.0000000004A52000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A52000
|
| Size: |
4096
|
|
|
2BD3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161445884.0000000002BD3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2BD3000
|
| Size: |
12288
|
|
|
4431000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163663238.0000000004431000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4431000
|
| Size: |
12288
|
|
|
7B5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1150883675.00000000007B5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7B5000
|
| Size: |
12288
|
|
|
4A45000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1175015639.0000000004A45000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A45000
|
| Size: |
8192
|
|
|
407000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000002.3403318977.0000000000407000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
407000
|
| Size: |
8192
|
|
|
34DCC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3426305737.0000000034DCC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
34DCC000
|
| Size: |
16384
|
|
|
4575000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1165258872.0000000004575000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4575000
|
| Size: |
12288
|
|
|
4977000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1173282049.0000000004977000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4977000
|
| Size: |
12288
|
|
|
4436000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163990850.0000000004436000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4436000
|
| Size: |
12288
|
|
|
3384000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1395205830.0000000003384000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3384000
|
| Size: |
8192
|
|
|
3536A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1381975182.000000003536A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3536A000
|
| Size: |
4096
|
|
|
49A2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1173762868.00000000049A2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
49A2000
|
| Size: |
12288
|
|
|
4835000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1170292692.0000000004835000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4835000
|
| Size: |
8192
|
|
|
4A3D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1175015639.0000000004A3D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A3D000
|
| Size: |
12288
|
|
|
2B50000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161093220.0000000002B50000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B50000
|
| Size: |
8192
|
|
|
3842000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1399458314.0000000003842000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3842000
|
| Size: |
4096
|
|
|
6640000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3408264640.0000000006640000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
6640000
|
| Size: |
4096
|
|
|
43CB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163335142.00000000043CB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
43CB000
|
| Size: |
12288
|
|
|
55D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1397923055.00000000055D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55D1000
|
| Size: |
32768
|
|
|
46FE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1168002861.00000000046FE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
46FE000
|
| Size: |
8192
|
|
|
4AD8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1175720328.0000000004AD8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4AD8000
|
| Size: |
12288
|
|
|
4455000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163990850.0000000004455000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4455000
|
| Size: |
8192
|
|
|
2AD5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1156415071.0000000002AD5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AD5000
|
| Size: |
4096
|
|
|
4392000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163335142.0000000004392000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4392000
|
| Size: |
12288
|
|
|
7F9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1150883675.00000000007F9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7F9000
|
| Size: |
20480
|
|
|
4B6B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1177143790.0000000004B6B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B6B000
|
| Size: |
12288
|
|
|
48A9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1171902522.00000000048A9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48A9000
|
| Size: |
12288
|
|
|
486F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1171227459.000000000486F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
486F000
|
| Size: |
12288
|
|
|
4A96000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1381782519.0000000004A96000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A96000
|
| Size: |
8192
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
437E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163004823.000000000437E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
437E000
|
| Size: |
8192
|
|
|
4B5C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1177143790.0000000004B5C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B5C000
|
| Size: |
12288
|
|
|
454B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1165258872.000000000454B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
454B000
|
| Size: |
12288
|
|
|
46F2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1168002861.00000000046F2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
46F2000
|
| Size: |
12288
|
|
|
4809000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1169479603.0000000004809000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4809000
|
| Size: |
12288
|
|
|
55EF000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1399308061.00000000055EF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55EF000
|
| Size: |
61440
|
|
|
2C7C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1162158776.0000000002C7C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C7C000
|
| Size: |
12288
|
|
|
37D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1400914799.00000000037D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
37D1000
|
| Size: |
278528
|
|
|
A3F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152470314.0000000000A3F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A3F000
|
| Size: |
4096
|
|
|
480D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1169479603.000000000480D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
480D000
|
| Size: |
12288
|
|
|
37AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1404096048.00000000037AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
37AE000
|
| Size: |
8192
|
|
|
4B49000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1177143790.0000000004B49000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B49000
|
| Size: |
12288
|
|
|
455E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1165258872.000000000455E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
455E000
|
| Size: |
12288
|
|
|
3384000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1395761687.0000000003384000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3384000
|
| Size: |
8192
|
|
|
50AC000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1394810528.00000000050AC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
50AC000
|
| Size: |
716800
|
|
|
A80000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1390123103.0000000000A80000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A80000
|
| Size: |
16384
|
|
|
495B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1172576903.000000000495B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
495B000
|
| Size: |
12288
|
|
|
44D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1164427507.00000000044D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
44D1000
|
| Size: |
12288
|
|
|
55EF000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1397521759.00000000055EF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55EF000
|
| Size: |
126976
|
|
|
38F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1404266126.00000000038F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
38F0000
|
| Size: |
16384
|
|
|
55F1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1399040945.00000000055F1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55F1000
|
| Size: |
53248
|
|
|
47DC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1169479603.00000000047DC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
47DC000
|
| Size: |
12288
|
|
|
488D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1171227459.000000000488D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
488D000
|
| Size: |
12288
|
|
|
29C8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152726544.00000000029C8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29C8000
|
| Size: |
8192
|
|
|
321C000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000D.00000002.1389655232.000000000321C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
13
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
321C000
|
| Size: |
20480
|
|
|
468A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1167516334.000000000468A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
468A000
|
| Size: |
12288
|
|
|
31CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000D.00000002.1389619630.00000000031CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
13
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
31CE000
|
| Size: |
8192
|
|
|
4AB4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1175720328.0000000004AB4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4AB4000
|
| Size: |
4096
|
|
|
4AD2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1175720328.0000000004AD2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4AD2000
|
| Size: |
4096
|
|
|
49C1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1173762868.00000000049C1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
49C1000
|
| Size: |
8192
|
|
|
49D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1173762868.00000000049D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
49D0000
|
| Size: |
12288
|
|
|
55DB000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1404542337.00000000055DB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55DB000
|
| Size: |
73728
|
|
|
A84000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1389454073.0000000000A84000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A84000
|
| Size: |
4096
|
|
|
438D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163004823.000000000438D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
438D000
|
| Size: |
12288
|
|
|
29FC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152726544.00000000029FC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29FC000
|
| Size: |
4096
|
|
|
4445000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163990850.0000000004445000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4445000
|
| Size: |
12288
|
|
|
46F6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1168002861.00000000046F6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
46F6000
|
| Size: |
12288
|
|
|
46EE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1168002861.00000000046EE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
46EE000
|
| Size: |
12288
|
|
|
44F5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1164914504.00000000044F5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
44F5000
|
| Size: |
12288
|
|
|
83C000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1389845164.000000000083C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
83C000
|
| Size: |
16384
|
|
|
55D9000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1397776657.00000000055D9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55D9000
|
| Size: |
73728
|
|
|
811000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1150883675.0000000000811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
811000
|
| Size: |
20480
|
|
|
2A33000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152726544.0000000002A33000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A33000
|
| Size: |
12288
|
|
|
A84000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1389054191.0000000000A84000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A84000
|
| Size: |
4096
|
|
|
36AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1404048221.00000000036AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
36AE000
|
| Size: |
8192
|
|
|
4699000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1167516334.0000000004699000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4699000
|
| Size: |
12288
|
|
|
2CA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1390187517.0000000002CA0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2CA0000
|
| Size: |
24576
|
|
|
462C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1166657534.000000000462C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
462C000
|
| Size: |
12288
|
|
|
4A87000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1379559579.0000000004A87000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A87000
|
| Size: |
32768
|
|
|
3843000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1401860358.0000000003843000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3843000
|
| Size: |
126976
|
|
|
4776000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1168466105.0000000004776000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4776000
|
| Size: |
12288
|
|
|
436E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163004823.000000000436E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
436E000
|
| Size: |
12288
|
|
|
4468000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163990850.0000000004468000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4468000
|
| Size: |
8192
|
|
|
3384000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1396180079.0000000003384000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3384000
|
| Size: |
8192
|
|
|
442D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163663238.000000000442D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
442D000
|
| Size: |
12288
|
|
|
29D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152726544.00000000029D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29D0000
|
| Size: |
28672
|
|
|
46A1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1167516334.00000000046A1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
46A1000
|
| Size: |
12288
|
|
|
4AC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1175720328.0000000004AC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4AC1000
|
| Size: |
12288
|
|
|
29F2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152726544.00000000029F2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29F2000
|
| Size: |
4096
|
|
|
34D7F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3426286113.0000000034D7F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
34D7F000
|
| Size: |
4096
|
|
|
4995000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1173282049.0000000004995000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4995000
|
| Size: |
12288
|
|
|
4A39000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1175015639.0000000004A39000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A39000
|
| Size: |
8192
|
|
|
44E6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1164914504.00000000044E6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
44E6000
|
| Size: |
8192
|
|
|
49B1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1173762868.00000000049B1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
49B1000
|
| Size: |
12288
|
|
|
7EF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1150883675.00000000007EF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7EF000
|
| Size: |
12288
|
|
|
46B8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1167516334.00000000046B8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
46B8000
|
| Size: |
8192
|
|
|
306C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1162982839.000000000306C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
306C000
|
| Size: |
16384
|
|
|
2BFC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161759693.0000000002BFC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2BFC000
|
| Size: |
12288
|
|
|
4B93000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1177742193.0000000004B93000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B93000
|
| Size: |
8192
|
|
|
2C18000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161759693.0000000002C18000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C18000
|
| Size: |
4096
|
|
|
48C8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1171902522.00000000048C8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48C8000
|
| Size: |
12288
|
|
|
401000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000000.00000000.928671408.0000000000401000.00000020.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
401000
|
| Size: |
24576
|
|
|
4A5F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1175015639.0000000004A5F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A5F000
|
| Size: |
12288
|
|
|
740000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1150883675.0000000000740000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
740000
|
| Size: |
32768
|
|
|
A84000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1389498611.0000000000A84000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A84000
|
| Size: |
4096
|
|
|
4591000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1165924862.0000000004591000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4591000
|
| Size: |
12288
|
|
|
55EF000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1398165481.00000000055EF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55EF000
|
| Size: |
126976
|
|
|
480000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1150772901.0000000000480000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
480000
|
| Size: |
4096
|
|
|
437A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163004823.000000000437A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
437A000
|
| Size: |
12288
|
|
|
2C22000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161759693.0000000002C22000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C22000
|
| Size: |
8192
|
|
|
2B11000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1156883734.0000000002B11000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B11000
|
| Size: |
4096
|
|
|
4754000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1168466105.0000000004754000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4754000
|
| Size: |
12288
|
|
|
49B5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1173762868.00000000049B5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
49B5000
|
| Size: |
12288
|
|
|
2C13000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161759693.0000000002C13000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C13000
|
| Size: |
12288
|
|
|
3200000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000D.00000002.1389655232.0000000003200000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
13
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3200000
|
| Size: |
24576
|
|
|
825000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1150883675.0000000000825000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
825000
|
| Size: |
20480
|
|
|
4579000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1165258872.0000000004579000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4579000
|
| Size: |
12288
|
|
|
2C62000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1162158776.0000000002C62000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C62000
|
| Size: |
12288
|
|
|
2A4D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152726544.0000000002A4D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A4D000
|
| Size: |
4096
|
|
|
35A50000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3426768769.0000000035A50000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
35A50000
|
| Size: |
4096
|
|
|
4B96000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1177742193.0000000004B96000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B96000
|
| Size: |
8192
|
|
|
64A5000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1178228311.00000000064A5000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
64A5000
|
| Size: |
10485760
|
|
|
55E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1399908731.00000000055E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55E0000
|
| Size: |
12288
|
|
|
443E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163990850.000000000443E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
443E000
|
| Size: |
12288
|
|
|
4B36000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1177143790.0000000004B36000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B36000
|
| Size: |
12288
|
|
|
4B70000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1177742193.0000000004B70000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B70000
|
| Size: |
12288
|
|
|
55D5000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1402387511.00000000055D5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55D5000
|
| Size: |
4096
|
|
|
6670000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3408318406.0000000006670000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
6670000
|
| Size: |
4096
|
|
|
46DB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1168002861.00000000046DB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
46DB000
|
| Size: |
12288
|
|
|
475B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1168466105.000000000475B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
475B000
|
| Size: |
12288
|
|
|
4372000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163004823.0000000004372000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4372000
|
| Size: |
12288
|
|
|
57D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1396051754.00000000057D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
57D0000
|
| Size: |
4096
|
|
|
45C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1166583764.00000000045C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45C0000
|
| Size: |
266240
|
|
|
77C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1150883675.000000000077C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
77C000
|
| Size: |
24576
|
|
|
48D3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1171902522.00000000048D3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48D3000
|
| Size: |
12288
|
|
|
55E3000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1399308061.00000000055E3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55E3000
|
| Size: |
40960
|
|
|
481E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1170292692.000000000481E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
481E000
|
| Size: |
12288
|
|
|
38FB000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1402929753.00000000038FB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
38FB000
|
| Size: |
16384
|
|
|
2C97000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1162158776.0000000002C97000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C97000
|
| Size: |
12288
|
|
|
43AD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163335142.00000000043AD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
43AD000
|
| Size: |
12288
|
|
|
65F0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3408174706.00000000065F0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
65F0000
|
| Size: |
4096
|
|
|
2C1E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161759693.0000000002C1E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C1E000
|
| Size: |
12288
|
|
|
3384000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1403014128.0000000003384000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3384000
|
| Size: |
8192
|
|
|
4895000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1171227459.0000000004895000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4895000
|
| Size: |
12288
|
|
|
49B9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1173762868.00000000049B9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
49B9000
|
| Size: |
12288
|
|
|
3500D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3426365144.000000003500D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3500D000
|
| Size: |
12288
|
|
|
4AC7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1404235530.0000000004AC7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4AC7000
|
| Size: |
12288
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
|
|
4957000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1172576903.0000000004957000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4957000
|
| Size: |
12288
|
|
|
4853000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1170292692.0000000004853000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4853000
|
| Size: |
12288
|
|
|
450C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1164914504.000000000450C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
450C000
|
| Size: |
8192
|
|
|
57D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1395968203.00000000057D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
57D0000
|
| Size: |
4096
|
|
|
4B54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1177143790.0000000004B54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B54000
|
| Size: |
12288
|
|
|
489E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1171902522.000000000489E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
489E000
|
| Size: |
12288
|
|
|
2B40000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1156883734.0000000002B40000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B40000
|
| Size: |
8192
|
|
|
487E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1171227459.000000000487E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
487E000
|
| Size: |
12288
|
|
|
4500000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1164914504.0000000004500000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4500000
|
| Size: |
12288
|
|
|
2B4C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161093220.0000000002B4C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B4C000
|
| Size: |
12288
|
|
|
3274000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1403335171.0000000003274000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3274000
|
| Size: |
49152
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
22B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152556873.00000000022B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
22B0000
|
| Size: |
12288
|
|
|
5170000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1404409513.0000000005170000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5170000
|
| Size: |
4096
|
|
|
794000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1150883675.0000000000794000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
794000
|
| Size: |
81920
|
|
|
6660000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3408300727.0000000006660000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
6660000
|
| Size: |
8192
|
|
|
55F2000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1402387511.00000000055F2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55F2000
|
| Size: |
49152
|
|
|
46BF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1167516334.00000000046BF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
46BF000
|
| Size: |
12288
|
|
|
2A7B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152726544.0000000002A7B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A7B000
|
| Size: |
4096
|
|
|
4926000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1172576903.0000000004926000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4926000
|
| Size: |
12288
|
|
|
37E6000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1393860661.00000000037E6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
37E6000
|
| Size: |
622592
|
|
|
4595000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1165924862.0000000004595000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4595000
|
| Size: |
12288
|
|
|
359B0000
|
unclassified section
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3426646768.00000000359B0000.00000040.10000000.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unclassified section
|
| Protect: |
page execute and read and write
|
| Base address: |
359B0000
|
| Size: |
344064
|
|
|
44FC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1164914504.00000000044FC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
44FC000
|
| Size: |
12288
|
|
|
66A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3408371507.00000000066A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
66A0000
|
| Size: |
4096
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
55E3000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1399807093.00000000055E3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55E3000
|
| Size: |
40960
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| SQL strings found in memory and binary data |
System Summary |
|
|
|
45BB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1165924862.00000000045BB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45BB000
|
| Size: |
12288
|
|
|
484F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1170292692.000000000484F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
484F000
|
| Size: |
12288
|
|
|
37D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1402663260.00000000037D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
37D0000
|
| Size: |
4096
|
|
|
4035000
|
remote allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3403586700.0000000004035000.00000040.00000400.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
remote allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4035000
|
| Size: |
8376320
|
|
|
4B0E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1176665625.0000000004B0E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B0E000
|
| Size: |
12288
|
|
|
2B28000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1156883734.0000000002B28000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B28000
|
| Size: |
4096
|
|
|
4473000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163990850.0000000004473000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4473000
|
| Size: |
12288
|
|
|
55D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1397663736.00000000055D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55D1000
|
| Size: |
28672
|
|
|
2A8A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152726544.0000000002A8A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A8A000
|
| Size: |
4096
|
|
|
47F3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1169479603.00000000047F3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
47F3000
|
| Size: |
8192
|
|
|
4AE0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1175720328.0000000004AE0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4AE0000
|
| Size: |
4096
|
|
|
3500B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3426365144.000000003500B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3500B000
|
| Size: |
4096
|
|
|
43A9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163335142.00000000043A9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
43A9000
|
| Size: |
12288
|
|
|
55EC000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1397521759.00000000055EC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55EC000
|
| Size: |
4096
|
|
|
44F1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1164914504.00000000044F1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
44F1000
|
| Size: |
12288
|
|
|
3842000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1402165478.0000000003842000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3842000
|
| Size: |
53248
|
|
|
2BB8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161445884.0000000002BB8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2BB8000
|
| Size: |
12288
|
|
|
4458000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163990850.0000000004458000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4458000
|
| Size: |
12288
|
|
|
2CB9000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1390187517.0000000002CB9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2CB9000
|
| Size: |
16384
|
|
|
3385000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1403797467.0000000003385000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3385000
|
| Size: |
4096
|
|
|
55EF000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1397776657.00000000055EF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55EF000
|
| Size: |
241664
|
|
|
6630000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3408246595.0000000006630000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6630000
|
| Size: |
20480
|
|
|
4AB8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1403581186.0000000004AB8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4AB8000
|
| Size: |
73728
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
|
|
2C69000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1162158776.0000000002C69000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C69000
|
| Size: |
12288
|
|
|
2C71000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1162158776.0000000002C71000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C71000
|
| Size: |
12288
|
|
|
2A90000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152726544.0000000002A90000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A90000
|
| Size: |
167936
|
|
|
2B06000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1156883734.0000000002B06000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B06000
|
| Size: |
12288
|
|
|
8E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1389940640.00000000008E0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8E0000
|
| Size: |
4096
|
|
|
2BC4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161445884.0000000002BC4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2BC4000
|
| Size: |
12288
|
|
|
2BB5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161445884.0000000002BB5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2BB5000
|
| Size: |
8192
|
|
|
4AD0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1175720328.0000000004AD0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4AD0000
|
| Size: |
4096
|
|
|
446000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1150604501.0000000000446000.00000004.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
446000
|
| Size: |
4096
|
|
|
3842000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1399978439.0000000003842000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3842000
|
| Size: |
151552
|
|
|
466E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1167061622.000000000466E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
466E000
|
| Size: |
12288
|
|
|
4982000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1173282049.0000000004982000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4982000
|
| Size: |
12288
|
|
|
4413000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163663238.0000000004413000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4413000
|
| Size: |
8192
|
|
|
469F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1390310584.000000000469F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
469F000
|
| Size: |
4096
|
|
|
4750000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1168466105.0000000004750000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4750000
|
| Size: |
12288
|
|
|
44B3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1164427507.00000000044B3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
44B3000
|
| Size: |
12288
|
|
|
37D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1401451224.00000000037D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
37D1000
|
| Size: |
286720
|
|
|
4AFF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1176665625.0000000004AFF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4AFF000
|
| Size: |
12288
|
|
|
4A0E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1174466859.0000000004A0E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A0E000
|
| Size: |
12288
|
|
|
2F6C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1162963330.0000000002F6C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2F6C000
|
| Size: |
16384
|
|
|
4358000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163004823.0000000004358000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4358000
|
| Size: |
8192
|
|
|
2A13000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152726544.0000000002A13000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A13000
|
| Size: |
4096
|
|
|
45A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1165924862.00000000045A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45A0000
|
| Size: |
12288
|
|
|
4508000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1164914504.0000000004508000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4508000
|
| Size: |
12288
|
|
|
2B9E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161445884.0000000002B9E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B9E000
|
| Size: |
12288
|
|
|
4838000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1170292692.0000000004838000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4838000
|
| Size: |
12288
|
|
|
37E6000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1393697674.00000000037E6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
37E6000
|
| Size: |
172032
|
|
|
46B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1167516334.00000000046B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
46B0000
|
| Size: |
8192
|
|
|
2BA9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161445884.0000000002BA9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2BA9000
|
| Size: |
12288
|
|
|
2B86000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161445884.0000000002B86000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B86000
|
| Size: |
77824
|
|
|
2CC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1388625920.0000000002CC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2CC0000
|
| Size: |
172032
|
|
|
43C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163335142.00000000043C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
43C0000
|
| Size: |
12288
|
|
|
4A16000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1174466859.0000000004A16000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A16000
|
| Size: |
8192
|
|
|
46BC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1167516334.00000000046BC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
46BC000
|
| Size: |
8192
|
|
|
3385000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1395565785.0000000003385000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3385000
|
| Size: |
4096
|
|
|
4ABD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1175720328.0000000004ABD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4ABD000
|
| Size: |
4096
|
|
|
7FF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1150883675.00000000007FF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7FF000
|
| Size: |
4096
|
|
|
46A5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1167516334.00000000046A5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
46A5000
|
| Size: |
8192
|
|
|
4630000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1166657534.0000000004630000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4630000
|
| Size: |
12288
|
|
|
55EF000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1397923055.00000000055EF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55EF000
|
| Size: |
126976
|
|
|
4A96000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1403999564.0000000004A96000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A96000
|
| Size: |
139264
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
| URLs found in memory or binary data |
Networking |
|
|
|
29ED000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152726544.00000000029ED000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29ED000
|
| Size: |
4096
|
|
|
44A7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1164427507.00000000044A7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
44A7000
|
| Size: |
12288
|
|
|
2A40000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152726544.0000000002A40000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A40000
|
| Size: |
36864
|
|
|
49EC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1174466859.00000000049EC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
49EC000
|
| Size: |
12288
|
|
|
37D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1402729282.00000000037D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
37D0000
|
| Size: |
4096
|
|
|
A84000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1388563987.0000000000A84000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A84000
|
| Size: |
4096
|
|
|
33D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1403853149.00000000033D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
33D0000
|
| Size: |
4096
|
|
|
4AAE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3408066135.0000000004AAE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4AAE000
|
| Size: |
40960
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
|
|
2BAD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161445884.0000000002BAD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2BAD000
|
| Size: |
12288
|
|
|
45C000
|
system
|
page execute and read and write
|
|
|
|
| Name: |
0000000D.00000002.1389232886.000000000045C000.00000040.80000000.00040000.00000000.sdmp
|
| TargetID: |
13
|
| Dumpstage: |
process exit
|
| Regiontype: |
system
|
| Protect: |
page execute and read and write
|
| Base address: |
45C000
|
| Size: |
24576
|
|
|
352F1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1381975182.00000000352F1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
352F1000
|
| Size: |
12288
|
|
|
28BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152696918.00000000028BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
28BF000
|
| Size: |
4096
|
|
|
325B000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1403335171.000000000325B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
325B000
|
| Size: |
8192
|
|
|
55D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1404491099.00000000055D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55D0000
|
| Size: |
20480
|
|
|
37E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1394499776.00000000037E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
37E0000
|
| Size: |
397312
|
|
|
497F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1173282049.000000000497F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
497F000
|
| Size: |
8192
|
|
|
2C2D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161759693.0000000002C2D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C2D000
|
| Size: |
4096
|
|
|
44DA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1164914504.00000000044DA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
44DA000
|
| Size: |
12288
|
|
|
3842000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1401998124.0000000003842000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3842000
|
| Size: |
4096
|
|
|
4403000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163663238.0000000004403000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4403000
|
| Size: |
12288
|
|
|
47E7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1169479603.00000000047E7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
47E7000
|
| Size: |
12288
|
|
|
4B12000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1176665625.0000000004B12000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B12000
|
| Size: |
12288
|
|
|
34F0C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3426344885.0000000034F0C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
34F0C000
|
| Size: |
16384
|
|
|
229E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152535503.000000000229E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
229E000
|
| Size: |
8192
|
|
|
3864000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1402319486.0000000003864000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3864000
|
| Size: |
278528
|
|
|
4672000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1167061622.0000000004672000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4672000
|
| Size: |
12288
|
|
|
3842000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1398911565.0000000003842000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3842000
|
| Size: |
4096
|
|
|
4A4E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1292323361.0000000004A4E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A4E000
|
| Size: |
229376
|
|
|
560000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1150791233.0000000000560000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
560000
|
| Size: |
8192
|
|
|
4B87000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1177742193.0000000004B87000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B87000
|
| Size: |
12288
|
|
|
37E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1393425548.00000000037E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
37E1000
|
| Size: |
24576
|
|
|
4AB6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1175720328.0000000004AB6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4AB6000
|
| Size: |
8192
|
|
|
4AC9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1175720328.0000000004AC9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4AC9000
|
| Size: |
8192
|
|
|
409000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000002.00000000.1143430400.0000000000409000.00000008.00000001.01000000.00000003.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
409000
|
| Size: |
4096
|
|
|
4648000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1167061622.0000000004648000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4648000
|
| Size: |
12288
|
|
|
4844000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1170292692.0000000004844000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4844000
|
| Size: |
12288
|
|
|
4AAE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1175720328.0000000004AAE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4AAE000
|
| Size: |
12288
|
|
|
32D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1403544780.00000000032D0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
32D0000
|
| Size: |
4096
|
|
|
2C07000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161759693.0000000002C07000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C07000
|
| Size: |
12288
|
|
|
47E3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1169479603.00000000047E3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
47E3000
|
| Size: |
12288
|
|
|
2B2A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1156883734.0000000002B2A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B2A000
|
| Size: |
4096
|
|
|
37E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1394237556.00000000037E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
37E1000
|
| Size: |
712704
|
|
|
469D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1167516334.000000000469D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
469D000
|
| Size: |
12288
|
|
|
37E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1394591596.00000000037E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
37E0000
|
| Size: |
397312
|
|
|
4A26000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1175015639.0000000004A26000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A26000
|
| Size: |
12288
|
|
|
49F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1174466859.00000000049F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
49F0000
|
| Size: |
4096
|
|
|
55F1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1398714056.00000000055F1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55F1000
|
| Size: |
20480
|
|
|
4AF0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1176665625.0000000004AF0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4AF0000
|
| Size: |
12288
|
|
|
2A57000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152726544.0000000002A57000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A57000
|
| Size: |
12288
|
|
|
4F50000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1178228311.0000000004F50000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F50000
|
| Size: |
360448
|
|
|
35A51000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3426788396.0000000035A51000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
35A51000
|
| Size: |
77824
|
|
|
55EC000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1397069922.00000000055EC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55EC000
|
| Size: |
4096
|
|
|
4A41000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1175015639.0000000004A41000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A41000
|
| Size: |
12288
|
|
|
46C3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1167516334.00000000046C3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
46C3000
|
| Size: |
12288
|
|
|
49AE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1173762868.00000000049AE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
49AE000
|
| Size: |
8192
|
|
|
400000
|
system
|
page execute and read and write
|
|
|
|
| Name: |
0000000E.00000002.1389779049.0000000000400000.00000040.80000000.00040000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
system
|
| Protect: |
page execute and read and write
|
| Base address: |
400000
|
| Size: |
106496
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Found strings which match to known social media urls |
Networking |
|
| URLs found in memory or binary data |
Networking |
|
|
|
2C8C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1162158776.0000000002C8C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C8C000
|
| Size: |
8192
|
|
|
4548000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1165258872.0000000004548000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4548000
|
| Size: |
8192
|
|
|
6690000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3408354233.0000000006690000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
6690000
|
| Size: |
4096
|
|
|
45A4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1165924862.00000000045A4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45A4000
|
| Size: |
12288
|
|
|
43B2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163335142.00000000043B2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
43B2000
|
| Size: |
4096
|
|
|
4B8F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1177742193.0000000004B8F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B8F000
|
| Size: |
8192
|
|
|
4A2A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1175015639.0000000004A2A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A2A000
|
| Size: |
12288
|
|
|
4A1D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1174466859.0000000004A1D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A1D000
|
| Size: |
12288
|
|
|
4A4C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1175015639.0000000004A4C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A4C000
|
| Size: |
12288
|
|
|
3815000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1400377215.0000000003815000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3815000
|
| Size: |
122880
|
|
|
2B57000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161093220.0000000002B57000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B57000
|
| Size: |
12288
|
|
|
354B4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1403656979.00000000354B4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
354B4000
|
| Size: |
4096
|
|
|
2B66000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161093220.0000000002B66000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B66000
|
| Size: |
12288
|
|
|
879000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000E.00000002.1389898941.0000000000879000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
879000
|
| Size: |
28672
|
|
|
46C8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1168002861.00000000046C8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
46C8000
|
| Size: |
12288
|
|
|
34D00000
|
remote allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1288059683.0000000034D00000.00000004.00000400.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
remote allocation
|
| Protect: |
page read and write
|
| Base address: |
34D00000
|
| Size: |
4096
|
|
|
3385000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1395366410.0000000003385000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3385000
|
| Size: |
4096
|
|
|
458A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1165924862.000000000458A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
458A000
|
| Size: |
8192
|
|
|
55D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1398690366.00000000055D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55D1000
|
| Size: |
61440
|
|
|
4A2E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1175015639.0000000004A2E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A2E000
|
| Size: |
12288
|
|
|
6650000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3408281682.0000000006650000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
6650000
|
| Size: |
4096
|
|
|
49E4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1174466859.00000000049E4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
49E4000
|
| Size: |
12288
|
|
|
55F3000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1398288494.00000000055F3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55F3000
|
| Size: |
233472
|
|
|
55EF000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1399737344.00000000055EF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55EF000
|
| Size: |
61440
|
|
|
37F2000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1401675341.00000000037F2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
37F2000
|
| Size: |
151552
|
|
|
43BC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163335142.00000000043BC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
43BC000
|
| Size: |
8192
|
|
|
37D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1394591596.00000000037D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
37D1000
|
| Size: |
20480
|
|
|
3070000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000D.00000002.1389538915.0000000003070000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
13
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3070000
|
| Size: |
20480
|
|
|
3385000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1395587937.0000000003385000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3385000
|
| Size: |
4096
|
|
|
4A3F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1292223334.0000000004A3F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A3F000
|
| Size: |
4096
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
93F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152442103.000000000093F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
93F000
|
| Size: |
4096
|
|
|
4B41000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1388543270.0000000004B41000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B41000
|
| Size: |
65536
|
|
|
35664000
|
unclassified section
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3426565955.0000000035664000.00000040.10000000.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unclassified section
|
| Protect: |
page execute and read and write
|
| Base address: |
35664000
|
| Size: |
36864
|
|
|
29DF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152726544.00000000029DF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29DF000
|
| Size: |
12288
|
|
|
4AC7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1403999564.0000000004AC7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4AC7000
|
| Size: |
12288
|
|
|
483C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1170292692.000000000483C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
483C000
|
| Size: |
12288
|
|
|
3842000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1401675341.0000000003842000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3842000
|
| Size: |
131072
|
|
|
49FB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1174466859.00000000049FB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
49FB000
|
| Size: |
12288
|
|
|
49C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1173762868.00000000049C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
49C4000
|
| Size: |
12288
|
|
|
2D10000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1162849818.0000000002D10000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2D10000
|
| Size: |
4096
|
|
|
3384000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1395612725.0000000003384000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3384000
|
| Size: |
8192
|
|
|
22B5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152556873.00000000022B5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
22B5000
|
| Size: |
8192
|
|
|
55EF000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.1404542337.00000000055EF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55EF000
|
| Size: |
8192
|
|
|
352F1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1404906439.00000000352F1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
352F1000
|
| Size: |
16384
|
|
|
4891000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1171227459.0000000004891000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4891000
|
| Size: |
12288
|
|
|
2A8E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152726544.0000000002A8E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A8E000
|
| Size: |
4096
|
|
|
49CC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1173762868.00000000049CC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
49CC000
|
| Size: |
8192
|
|
|
57D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1395945700.00000000057D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
57D0000
|
| Size: |
4096
|
|
|
55FA000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1396218594.00000000055FA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55FA000
|
| Size: |
4096
|
|
|
34A4E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3426213676.0000000034A4E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
34A4E000
|
| Size: |
8192
|
|
|
2B24000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1156883734.0000000002B24000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B24000
|
| Size: |
12288
|
|
|
445C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163990850.000000000445C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
445C000
|
| Size: |
12288
|
|
|
784000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1150883675.0000000000784000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
784000
|
| Size: |
12288
|
|
|
2B30000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1156883734.0000000002B30000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B30000
|
| Size: |
8192
|
|
|
2460000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152646106.0000000002460000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2460000
|
| Size: |
4096
|
|
|
44B7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1164427507.00000000044B7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
44B7000
|
| Size: |
8192
|
|
|
55DB000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1398845808.00000000055DB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55DB000
|
| Size: |
20480
|
|
|
2BD8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1161759693.0000000002BD8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2BD8000
|
| Size: |
69632
|
|
|
4A96000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1403466079.0000000004A96000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A96000
|
| Size: |
212992
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
| URLs found in memory or binary data |
Networking |
|
|
|
443A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163990850.000000000443A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
443A000
|
| Size: |
12288
|
|
|
34FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000D.00000002.1389795103.00000000034FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
13
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
34FF000
|
| Size: |
4096
|
|
|
43C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163335142.00000000043C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
43C4000
|
| Size: |
8192
|
|
|
55E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1398381362.00000000055E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55E0000
|
| Size: |
53248
|
|
|
49DF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1173762868.00000000049DF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
49DF000
|
| Size: |
12288
|
|
|
2A50000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152726544.0000000002A50000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A50000
|
| Size: |
8192
|
|
|
4AFB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1176665625.0000000004AFB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4AFB000
|
| Size: |
12288
|
|
|
A84000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000E.00000003.1389258757.0000000000A84000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
14
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A84000
|
| Size: |
4096
|
|
|
4B3D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1177143790.0000000004B3D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B3D000
|
| Size: |
12288
|
|
|
43B4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1163335142.00000000043B4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
43B4000
|
| Size: |
12288
|
|
|
29D8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1152726544.00000000029D8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29D8000
|
| Size: |
12288
|
|
|
4A96000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1381942343.0000000004A96000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A96000
|
| Size: |
8192
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
351E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3426443037.00000000351E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
351E0000
|
| Size: |
4096
|
|
|
491E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1172576903.000000000491E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
491E000
|
| Size: |
12288
|
|
|
2C75000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1162158776.0000000002C75000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C75000
|
| Size: |
12288
|
|
