|
3ED1000
|
trusted library allocation
|
page read and write
|
 |
|
|
| Name: |
0000000A.00000002.1534510906.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3ED1000
|
| Size: |
471040
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Found malware configuration |
AV Detection |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara detected Telegram RAT |
Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara detected VIP Keylogger |
Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara detected Credential Stealer |
Stealing of Sensitive Information |
|
| Yara signature match |
System Summary |
|
| URLs found in memory or binary data |
Networking |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
4408000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1297862990.0000000004408000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4408000
|
| Size: |
1974272
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara detected Telegram RAT |
Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara detected VIP Keylogger |
Stealing of Sensitive Information, Remote Access Functionality |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
| Yara detected Credential Stealer |
Stealing of Sensitive Information |
|
| Yara signature match |
System Summary |
|
| URLs found in memory or binary data |
Networking |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
423000
|
remote allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.2416350744.0000000000423000.00000040.00000400.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
remote allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
423000
|
| Size: |
65536
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara detected Telegram RAT |
Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara detected VIP Keylogger |
Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara detected Credential Stealer |
Stealing of Sensitive Information |
|
| Yara signature match |
System Summary |
|
| URLs found in memory or binary data |
Networking |
|
|
|
401A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1534510906.000000000401A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
401A000
|
| Size: |
405504
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara detected Telegram RAT |
Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara detected VIP Keylogger |
Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara detected Credential Stealer |
Stealing of Sensitive Information |
|
| Yara signature match |
System Summary |
|
| URLs found in memory or binary data |
Networking |
|
|
|
2ED1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000002ED1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2ED1000
|
| Size: |
1368064
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Tries to detect sandboxes and other dynamic analysis tools (process name or module or function) |
Malware Analysis System Evasion |
Security Software Discovery
|
| Yara detected Costura Assembly Loader |
Data Obfuscation |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
| URLs found in memory or binary data |
Networking |
|
|
|
30EE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.00000000030EE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30EE000
|
| Size: |
167936
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected VIP Keylogger |
Stealing of Sensitive Information, Remote Access Functionality |
|
| URLs found in memory or binary data |
Networking |
|
|
|
33D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.00000000033D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
33D0000
|
| Size: |
172032
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected VIP Keylogger |
Stealing of Sensitive Information, Remote Access Functionality |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3401000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003401000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3401000
|
| Size: |
1409024
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Tries to detect sandboxes and other dynamic analysis tools (process name or module or function) |
Malware Analysis System Evasion |
Security Software Discovery
|
| Yara detected Costura Assembly Loader |
Data Obfuscation |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
| URLs found in memory or binary data |
Networking |
|
|
|
4600000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1297862990.0000000004600000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4600000
|
| Size: |
475136
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara detected Telegram RAT |
Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara detected VIP Keylogger |
Stealing of Sensitive Information, Remote Access Functionality |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
| Yara detected Credential Stealer |
Stealing of Sensitive Information |
|
| Yara signature match |
System Summary |
|
| URLs found in memory or binary data |
Networking |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
3261000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.0000000003261000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3261000
|
| Size: |
331776
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Snake Keylogger |
Stealing of Sensitive Information, Remote Access Functionality |
|
| URLs found in memory or binary data |
Networking |
|
|
|
2F81000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.0000000002F81000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F81000
|
| Size: |
323584
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Snake Keylogger |
Stealing of Sensitive Information, Remote Access Functionality |
|
| URLs found in memory or binary data |
Networking |
|
|
|
6540000
|
trusted library section
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1301642824.0000000006540000.00000004.08000000.00040000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page read and write
|
| Base address: |
6540000
|
| Size: |
380928
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Costura Assembly Loader |
Data Obfuscation |
|
|
|
32D5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.00000000032D5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32D5000
|
| Size: |
8192
|
|
|
1237000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1521648960.0000000001237000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
1237000
|
| Size: |
4096
|
|
|
2DC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2422191962.0000000002DC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2DC0000
|
| Size: |
4096
|
|
|
10BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1521317078.00000000010BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
10BE000
|
| Size: |
8192
|
|
|
1EBA1365000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000003.1411574831.000001EBA1365000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1EBA1365000
|
| Size: |
192512
|
|
|
6A6E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2431842729.0000000006A6E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6A6E000
|
| Size: |
8192
|
|
|
587E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2429949523.000000000587E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
587E000
|
| Size: |
8192
|
|
|
538E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1535480393.000000000538E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
538E000
|
| Size: |
8192
|
|
|
1222000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1521565381.0000000001222000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1222000
|
| Size: |
4096
|
|
|
15EE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2419801823.00000000015EE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
15EE000
|
| Size: |
4096
|
|
|
1620000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1289617798.0000000001620000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1620000
|
| Size: |
4096
|
|
|
389A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000389A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
389A000
|
| Size: |
32768
|
|
|
15F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1289500221.00000000015F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
15F0000
|
| Size: |
4096
|
|
|
306A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.000000000306A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
306A000
|
| Size: |
65536
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
6100000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1537297441.0000000006100000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6100000
|
| Size: |
24576
|
|
|
390D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000390D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
390D000
|
| Size: |
4096
|
|
|
379B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000379B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
379B000
|
| Size: |
4096
|
|
|
3845000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003845000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3845000
|
| Size: |
106496
|
|
|
3888000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003888000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3888000
|
| Size: |
12288
|
|
|
15B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523607134.00000000015B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
15B0000
|
| Size: |
16384
|
|
|
33F9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000033F9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
33F9000
|
| Size: |
12288
|
|
|
37C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000037C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37C0000
|
| Size: |
122880
|
|
|
3260000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003260000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3260000
|
| Size: |
4096
|
|
|
3463000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003463000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3463000
|
| Size: |
28672
|
|
|
3379000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003379000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3379000
|
| Size: |
4096
|
|
|
3449000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003449000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3449000
|
| Size: |
102400
|
|
|
37E5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000037E5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37E5000
|
| Size: |
4096
|
|
|
653A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2430749983.000000000653A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
653A000
|
| Size: |
4096
|
|
|
34DC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.00000000034DC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
34DC000
|
| Size: |
24576
|
|
|
2D18000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2422014833.0000000002D18000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D18000
|
| Size: |
4096
|
|
|
350C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000350C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
350C000
|
| Size: |
4096
|
|
|
38EC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000038EC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38EC000
|
| Size: |
12288
|
|
|
390B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000390B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
390B000
|
| Size: |
4096
|
|
|
33F0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1290539213.00000000033F0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
33F0000
|
| Size: |
4096
|
|
|
6DB4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2432611240.0000000006DB4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6DB4000
|
| Size: |
36864
|
|
|
3821000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003821000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3821000
|
| Size: |
4096
|
|
|
3993000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003993000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3993000
|
| Size: |
4096
|
|
|
3041000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.0000000003041000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3041000
|
| Size: |
61440
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
14F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2418750229.00000000014F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
14F0000
|
| Size: |
65536
|
|
|
10B0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2418146566.00000000010B0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
10B0000
|
| Size: |
8192
|
|
|
3200000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290412732.0000000003200000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3200000
|
| Size: |
24576
|
|
|
307F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000307F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
307F000
|
| Size: |
4096
|
|
|
60E0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1537162758.00000000060E0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
60E0000
|
| Size: |
65536
|
|
|
3527000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003527000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3527000
|
| Size: |
4096
|
|
|
380D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000380D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
380D000
|
| Size: |
45056
|
|
|
414000
|
remote allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.2416350744.0000000000414000.00000040.00000400.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
remote allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
414000
|
| Size: |
4096
|
|
|
4401000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2426906098.0000000004401000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4401000
|
| Size: |
4096
|
|
|
31A4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000031A4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31A4000
|
| Size: |
4096
|
|
|
356D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000356D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
356D000
|
| Size: |
28672
|
|
|
3826000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003826000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3826000
|
| Size: |
45056
|
|
|
2FDD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.0000000002FDD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FDD000
|
| Size: |
40960
|
|
|
33B5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000033B5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
33B5000
|
| Size: |
4096
|
|
|
319C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000319C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
319C000
|
| Size: |
12288
|
|
|
346B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000346B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
346B000
|
| Size: |
4096
|
|
|
329C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000329C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
329C000
|
| Size: |
24576
|
|
|
4093000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1534510906.0000000004093000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4093000
|
| Size: |
135168
|
|
|
3407000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003407000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3407000
|
| Size: |
4096
|
|
|
350E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000350E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
350E000
|
| Size: |
4096
|
|
|
339A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000339A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
339A000
|
| Size: |
4096
|
|
|
1EBA1328000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000003.1411819142.000001EBA1328000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1EBA1328000
|
| Size: |
53248
|
|
|
1649000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2419801823.0000000001649000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1649000
|
| Size: |
12288
|
|
|
15F6000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1289534365.00000000015F6000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
15F6000
|
| Size: |
8192
|
|
|
10D0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2418674892.00000000010D0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
10D0000
|
| Size: |
65536
|
|
|
325E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422768687.000000000325E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
325E000
|
| Size: |
8192
|
|
|
373C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000373C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
373C000
|
| Size: |
114688
|
|
|
3614000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003614000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3614000
|
| Size: |
4096
|
|
|
3327000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003327000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3327000
|
| Size: |
4096
|
|
|
5B9E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2430091014.0000000005B9E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5B9E000
|
| Size: |
8192
|
|
|
3066000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003066000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3066000
|
| Size: |
4096
|
|
|
39F3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000039F3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39F3000
|
| Size: |
4096
|
|
|
6000000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1536961177.0000000006000000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6000000
|
| Size: |
4096
|
|
|
3398000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003398000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3398000
|
| Size: |
4096
|
|
|
6D30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2432159049.0000000006D30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6D30000
|
| Size: |
8192
|
|
|
507E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2429173527.000000000507E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
507E000
|
| Size: |
8192
|
|
|
355C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000355C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
355C000
|
| Size: |
12288
|
|
|
5AFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1536098720.0000000005AFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5AFE000
|
| Size: |
8192
|
|
|
1EBA1395000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000003.1411574831.000001EBA1395000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1EBA1395000
|
| Size: |
155648
|
|
|
5FFC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1536862098.0000000005FFC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5FFC000
|
| Size: |
16384
|
|
|
342A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000342A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
342A000
|
| Size: |
4096
|
|
|
184E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2421344452.000000000184E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
184E000
|
| Size: |
8192
|
|
|
653E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2430749983.000000000653E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
653E000
|
| Size: |
4096
|
|
|
3932000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003932000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3932000
|
| Size: |
4096
|
|
|
2F70000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2423320549.0000000002F70000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
2F70000
|
| Size: |
4096
|
|
|
11DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2419328440.00000000011DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
11DE000
|
| Size: |
8192
|
|
|
397C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000397C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
397C000
|
| Size: |
4096
|
|
|
3492000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003492000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3492000
|
| Size: |
8192
|
|
|
3426000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003426000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3426000
|
| Size: |
4096
|
|
|
5D66000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1299528900.0000000005D66000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5D66000
|
| Size: |
40960
|
|
|
327F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000327F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
327F000
|
| Size: |
4096
|
|
|
1510000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2418998707.0000000001510000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1510000
|
| Size: |
57344
|
|
|
37AC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000037AC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37AC000
|
| Size: |
4096
|
|
|
6120000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1537520255.0000000006120000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
6120000
|
| Size: |
65536
|
|
|
1615000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2419801823.0000000001615000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1615000
|
| Size: |
4096
|
|
|
5440000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1535573642.0000000005440000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
5440000
|
| Size: |
4096
|
|
|
3616000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003616000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3616000
|
| Size: |
4096
|
|
|
355A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000355A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
355A000
|
| Size: |
4096
|
|
|
392A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000392A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
392A000
|
| Size: |
4096
|
|
|
397A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000397A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
397A000
|
| Size: |
4096
|
|
|
153E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1289359653.000000000153E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
153E000
|
| Size: |
8192
|
|
|
10E0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2418855091.00000000010E0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
10E0000
|
| Size: |
61440
|
|
|
38CC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000038CC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38CC000
|
| Size: |
4096
|
|
|
1377000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2417622603.0000000001377000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1377000
|
| Size: |
36864
|
|
|
3113000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003113000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3113000
|
| Size: |
4096
|
|
|
6002000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1536961177.0000000006002000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6002000
|
| Size: |
57344
|
|
|
1590000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2419476585.0000000001590000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1590000
|
| Size: |
4096
|
|
|
58DB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1535773037.00000000058DB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
58DB000
|
| Size: |
20480
|
|
|
32A3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000032A3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32A3000
|
| Size: |
4096
|
|
|
34C4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000034C4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
34C4000
|
| Size: |
12288
|
|
|
37BE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000037BE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37BE000
|
| Size: |
4096
|
|
|
635E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1301041861.000000000635E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
635E000
|
| Size: |
8192
|
|
|
5DDE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2430312552.0000000005DDE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5DDE000
|
| Size: |
8192
|
|
|
3025000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.0000000003025000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3025000
|
| Size: |
4096
|
|
|
33B9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000033B9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
33B9000
|
| Size: |
4096
|
|
|
11F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1521391170.00000000011F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
11F0000
|
| Size: |
8192
|
|
|
36E9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000036E9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36E9000
|
| Size: |
4096
|
|
|
303D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.000000000303D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
303D000
|
| Size: |
4096
|
|
|
3875000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003875000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3875000
|
| Size: |
4096
|
|
|
38AF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000038AF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38AF000
|
| Size: |
4096
|
|
|
16DA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1289695539.00000000016DA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16DA000
|
| Size: |
8192
|
|
|
312F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.000000000312F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
312F000
|
| Size: |
73728
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
37B6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000037B6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37B6000
|
| Size: |
4096
|
|
|
371F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000371F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
371F000
|
| Size: |
4096
|
|
|
312E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000312E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
312E000
|
| Size: |
4096
|
|
|
3232000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003232000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3232000
|
| Size: |
53248
|
|
|
3189000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003189000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3189000
|
| Size: |
4096
|
|
|
38C2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000038C2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38C2000
|
| Size: |
4096
|
|
|
3734000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003734000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3734000
|
| Size: |
12288
|
|
|
14D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2421306524.00000000014D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
14D0000
|
| Size: |
4096
|
|
|
6480000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1301147932.0000000006480000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6480000
|
| Size: |
65536
|
|
|
320C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.000000000320C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
320C000
|
| Size: |
12288
|
|
|
39AC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000039AC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39AC000
|
| Size: |
4096
|
|
|
33F6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000033F6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
33F6000
|
| Size: |
4096
|
|
|
543D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2428751667.000000000543D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
543D000
|
| Size: |
12288
|
|
|
35F9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000035F9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
35F9000
|
| Size: |
12288
|
|
|
6600000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1302478432.0000000006600000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
6600000
|
| Size: |
65536
|
|
|
18E0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2421542888.00000000018E0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18E0000
|
| Size: |
4096
|
|
|
422C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2427525890.000000000422C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
422C000
|
| Size: |
12288
|
|
|
3137000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003137000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3137000
|
| Size: |
28672
|
|
|
639E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2430803470.000000000639E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
639E000
|
| Size: |
8192
|
|
|
34BE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000034BE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
34BE000
|
| Size: |
4096
|
|
|
315F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.000000000315F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
315F000
|
| Size: |
28672
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
5CDD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2430201730.0000000005CDD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5CDD000
|
| Size: |
12288
|
|
|
3277000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003277000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3277000
|
| Size: |
4096
|
|
|
3035000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.0000000003035000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3035000
|
| Size: |
4096
|
|
|
3F7C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1534510906.0000000003F7C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3F7C000
|
| Size: |
323584
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
308E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.000000000308E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
308E000
|
| Size: |
73728
|
|
|
362B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000362B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
362B000
|
| Size: |
4096
|
|
|
157E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1289376743.000000000157E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
157E000
|
| Size: |
8192
|
|
|
4313000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2426906098.0000000004313000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4313000
|
| Size: |
4096
|
|
|
34D5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.00000000034D5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
34D5000
|
| Size: |
4096
|
|
|
124E000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2419510014.000000000124E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
124E000
|
| Size: |
45056
|
|
|
38A9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000038A9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38A9000
|
| Size: |
12288
|
|
|
5DC1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1299652155.0000000005DC1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5DC1000
|
| Size: |
61440
|
|
|
3094000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003094000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3094000
|
| Size: |
28672
|
|
|
15D3000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1289433584.00000000015D3000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
15D3000
|
| Size: |
4096
|
|
|
3212000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003212000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3212000
|
| Size: |
12288
|
|
|
3335000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003335000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3335000
|
| Size: |
4096
|
|
|
3396000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003396000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3396000
|
| Size: |
4096
|
|
|
399E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000399E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
399E000
|
| Size: |
36864
|
|
|
14C6000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2421198916.00000000014C6000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
14C6000
|
| Size: |
8192
|
|
|
5430000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1535544780.0000000005430000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5430000
|
| Size: |
4096
|
|
|
31A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000031A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31A0000
|
| Size: |
12288
|
|
|
1EBA135C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1412351625.000001EBA135C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1EBA135C000
|
| Size: |
24576
|
|
|
381D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000381D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
381D000
|
| Size: |
4096
|
|
|
3665000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003665000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3665000
|
| Size: |
4096
|
|
|
3053000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003053000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3053000
|
| Size: |
4096
|
|
|
390F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000390F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
390F000
|
| Size: |
12288
|
|
|
1570000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2419360686.0000000001570000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1570000
|
| Size: |
20480
|
|
|
1EBA13BB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000003.1411524038.000001EBA13BB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1EBA13BB000
|
| Size: |
4096
|
|
|
38A7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000038A7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38A7000
|
| Size: |
4096
|
|
|
359C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000359C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
359C000
|
| Size: |
8192
|
|
|
30D5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000030D5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30D5000
|
| Size: |
4096
|
|
|
E59000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2417439277.0000000000E59000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E59000
|
| Size: |
28672
|
|
|
40CF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2427525890.00000000040CF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
40CF000
|
| Size: |
12288
|
|
|
16BC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1289661995.00000000016BC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
16BC000
|
| Size: |
16384
|
|
|
30D3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000030D3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30D3000
|
| Size: |
4096
|
|
|
3941000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003941000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3941000
|
| Size: |
4096
|
|
|
5E2D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1299773726.0000000005E2D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5E2D000
|
| Size: |
12288
|
|
|
31DC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000031DC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31DC000
|
| Size: |
4096
|
|
|
4528000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2426906098.0000000004528000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4528000
|
| Size: |
8192
|
|
|
15D8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2419801823.00000000015D8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
15D8000
|
| Size: |
86016
|
|
|
4540000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2426906098.0000000004540000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4540000
|
| Size: |
12288
|
|
|
399B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000399B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
399B000
|
| Size: |
4096
|
|
|
1230000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1521615604.0000000001230000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1230000
|
| Size: |
4096
|
|
|
30B3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000030B3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30B3000
|
| Size: |
4096
|
|
|
5880000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2428861633.0000000005880000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5880000
|
| Size: |
4096
|
|
|
329A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000329A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
329A000
|
| Size: |
4096
|
|
|
121B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1521482614.000000000121B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
121B000
|
| Size: |
8192
|
|
|
39A8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000039A8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39A8000
|
| Size: |
12288
|
|
|
31EE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.00000000031EE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31EE000
|
| Size: |
12288
|
|
|
3519000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003519000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3519000
|
| Size: |
20480
|
|
|
58E1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1535846519.00000000058E1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
58E1000
|
| Size: |
61440
|
|
|
58C5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1535730644.00000000058C5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
58C5000
|
| Size: |
36864
|
|
|
32FB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000032FB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32FB000
|
| Size: |
4096
|
|
|
5BFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1536134729.0000000005BFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5BFE000
|
| Size: |
8192
|
|
|
619F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2430736284.000000000619F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
619F000
|
| Size: |
4096
|
|
|
1698000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2419801823.0000000001698000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1698000
|
| Size: |
225280
|
|
|
3840000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003840000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3840000
|
| Size: |
16384
|
|
|
357D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000357D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
357D000
|
| Size: |
4096
|
|
|
35E3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000035E3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
35E3000
|
| Size: |
53248
|
|
|
69B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1303798334.00000000069B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
69B0000
|
| Size: |
192512
|
|
|
14D2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2421347261.00000000014D2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
14D2000
|
| Size: |
4096
|
|
|
3873000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003873000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3873000
|
| Size: |
4096
|
|
|
1203000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1521432977.0000000001203000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
1203000
|
| Size: |
4096
|
|
|
39B2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000039B2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39B2000
|
| Size: |
4096
|
|
|
5540000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2429890128.0000000005540000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5540000
|
| Size: |
4096
|
|
|
120D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1521464502.000000000120D000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
120D000
|
| Size: |
4096
|
|
|
1500000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.2418875681.0000000001500000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
1500000
|
| Size: |
65536
|
|
|
357F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000357F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
357F000
|
| Size: |
4096
|
|
|
37E9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000037E9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37E9000
|
| Size: |
4096
|
|
|
59DF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1299402044.00000000059DF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
59DF000
|
| Size: |
4096
|
|
|
30DB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.00000000030DB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30DB000
|
| Size: |
8192
|
|
|
12D6000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1521685174.00000000012D6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12D6000
|
| Size: |
24576
|
|
|
339C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000339C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
339C000
|
| Size: |
4096
|
|
|
316A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000316A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
316A000
|
| Size: |
4096
|
|
|
3786000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003786000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3786000
|
| Size: |
4096
|
|
|
3836000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003836000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3836000
|
| Size: |
4096
|
|
|
14D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523424691.00000000014D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D0000
|
| Size: |
24576
|
|
|
1B60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290141288.0000000001B60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B60000
|
| Size: |
65536
|
|
|
3484000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003484000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3484000
|
| Size: |
12288
|
|
|
3592000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003592000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3592000
|
| Size: |
4096
|
|
|
31B9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000031B9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31B9000
|
| Size: |
4096
|
|
|
59FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2430096897.00000000059FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
59FE000
|
| Size: |
8192
|
|
|
3627000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003627000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3627000
|
| Size: |
4096
|
|
|
3209000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290412732.0000000003209000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3209000
|
| Size: |
12288
|
|
|
30B7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000030B7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30B7000
|
| Size: |
4096
|
|
|
160A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2419801823.000000000160A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
160A000
|
| Size: |
16384
|
|
|
3784000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003784000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3784000
|
| Size: |
4096
|
|
|
31F6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.00000000031F6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31F6000
|
| Size: |
4096
|
|
|
14A4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2420812070.00000000014A4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
14A4000
|
| Size: |
8192
|
|
|
3890000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003890000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3890000
|
| Size: |
4096
|
|
|
31A6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000031A6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31A6000
|
| Size: |
4096
|
|
|
415F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2427525890.000000000415F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
415F000
|
| Size: |
12288
|
|
|
30BB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000030BB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30BB000
|
| Size: |
94208
|
|
|
12B2000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1521685174.00000000012B2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12B2000
|
| Size: |
143360
|
|
|
1070000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1521291809.0000000001070000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1070000
|
| Size: |
16384
|
|
|
359F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000359F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
359F000
|
| Size: |
4096
|
|
|
3443000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003443000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3443000
|
| Size: |
4096
|
|
|
39E3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000039E3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39E3000
|
| Size: |
28672
|
|
|
36F8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000036F8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36F8000
|
| Size: |
4096
|
|
|
318F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000318F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
318F000
|
| Size: |
4096
|
|
|
3564000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003564000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3564000
|
| Size: |
4096
|
|
|
394C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000394C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
394C000
|
| Size: |
8192
|
|
|
31FD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.00000000031FD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31FD000
|
| Size: |
24576
|
|
|
65C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1302035801.00000000065C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
65C0000
|
| Size: |
65536
|
|
|
44EC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2426906098.00000000044EC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
44EC000
|
| Size: |
4096
|
|
|
1232000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1521633106.0000000001232000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1232000
|
| Size: |
4096
|
|
|
3738000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003738000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3738000
|
| Size: |
4096
|
|
|
3128000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003128000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3128000
|
| Size: |
4096
|
|
|
578D000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1535662955.000000000578D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
578D000
|
| Size: |
12288
|
|
|
2FF7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.0000000002FF7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FF7000
|
| Size: |
4096
|
|
|
32C8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000032C8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32C8000
|
| Size: |
4096
|
|
|
32FF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000032FF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32FF000
|
| Size: |
4096
|
|
|
348C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000348C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
348C000
|
| Size: |
4096
|
|
|
1EBA1308000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1412219343.000001EBA1308000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1EBA1308000
|
| Size: |
131072
|
|
|
6BAE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2431930643.0000000006BAE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6BAE000
|
| Size: |
8192
|
|
|
1140000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2419076593.0000000001140000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1140000
|
| Size: |
4096
|
|
|
473C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1297862990.000000000473C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
473C000
|
| Size: |
135168
|
|
|
3965000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003965000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3965000
|
| Size: |
4096
|
|
|
64EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2430612991.00000000064EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
64EE000
|
| Size: |
8192
|
|
|
5940000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2429698483.0000000005940000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5940000
|
| Size: |
20480
|
|
|
EFB000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1521211329.0000000000EFB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
EFB000
|
| Size: |
20480
|
|
|
31F9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000031F9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31F9000
|
| Size: |
4096
|
|
|
6640000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1302684168.0000000006640000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6640000
|
| Size: |
61440
|
|
|
343D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000343D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
343D000
|
| Size: |
4096
|
|
|
65F0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1302349539.00000000065F0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
65F0000
|
| Size: |
65536
|
|
|
340D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.000000000340D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
340D000
|
| Size: |
8192
|
|
|
3700000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003700000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3700000
|
| Size: |
4096
|
|
|
31B3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000031B3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31B3000
|
| Size: |
20480
|
|
|
15CD000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.2419757114.00000000015CD000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
15CD000
|
| Size: |
4096
|
|
|
123B000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1521669036.000000000123B000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
123B000
|
| Size: |
4096
|
|
|
32BF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.00000000032BF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32BF000
|
| Size: |
40960
|
|
|
3218000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003218000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3218000
|
| Size: |
24576
|
|
|
30E1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.00000000030E1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30E1000
|
| Size: |
4096
|
|
|
5E20000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1536189697.0000000005E20000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5E20000
|
| Size: |
12288
|
|
|
3314000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003314000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3314000
|
| Size: |
4096
|
|
|
34D4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000034D4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
34D4000
|
| Size: |
4096
|
|
|
1EBA1575000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1412526730.000001EBA1575000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1EBA1575000
|
| Size: |
36864
|
|
|
3174000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003174000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3174000
|
| Size: |
4096
|
|
|
14F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1289343635.00000000014F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14F0000
|
| Size: |
8192
|
|
|
302D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.000000000302D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
302D000
|
| Size: |
4096
|
|
|
44CB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2426906098.00000000044CB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
44CB000
|
| Size: |
8192
|
|
|
342F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000342F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
342F000
|
| Size: |
45056
|
|
|
2FFB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.0000000002FFB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FFB000
|
| Size: |
28672
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
340F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000340F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
340F000
|
| Size: |
4096
|
|
|
39D6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000039D6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39D6000
|
| Size: |
12288
|
|
|
31F5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000031F5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31F5000
|
| Size: |
4096
|
|
|
1B90000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290205831.0000000001B90000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B90000
|
| Size: |
16384
|
|
|
4283000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2426906098.0000000004283000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4283000
|
| Size: |
12288
|
|
|
6660000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1302749199.0000000006660000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
6660000
|
| Size: |
65536
|
|
|
30F6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000030F6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30F6000
|
| Size: |
12288
|
|
|
160B000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1289603910.000000000160B000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
160B000
|
| Size: |
4096
|
|
|
645E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1301073848.000000000645E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
645E000
|
| Size: |
8192
|
|
|
3029000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003029000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3029000
|
| Size: |
12288
|
|
|
30D7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000030D7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30D7000
|
| Size: |
4096
|
|
|
3177000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003177000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3177000
|
| Size: |
28672
|
|
|
F30000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1521238531.0000000000F30000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F30000
|
| Size: |
4096
|
|
|
665E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2431726979.000000000665E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
665E000
|
| Size: |
8192
|
|
|
33AB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000033AB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
33AB000
|
| Size: |
4096
|
|
|
41B7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2427525890.00000000041B7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
41B7000
|
| Size: |
8192
|
|
|
61F0000
|
trusted library section
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1300438282.00000000061F0000.00000004.08000000.00040000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page read and write
|
| Base address: |
61F0000
|
| Size: |
1073152
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
|
|
3A29000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003A29000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A29000
|
| Size: |
4096
|
|
|
58D6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2429433539.00000000058D6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
58D6000
|
| Size: |
40960
|
|
|
58B1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2428961098.00000000058B1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
58B1000
|
| Size: |
16384
|
|
|
4261000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2426906098.0000000004261000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4261000
|
| Size: |
28672
|
|
|
5950000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.2429815656.0000000005950000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
5950000
|
| Size: |
4096
|
|
|
331E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000331E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
331E000
|
| Size: |
32768
|
|
|
19CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290119396.00000000019CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
19CF000
|
| Size: |
4096
|
|
|
58AE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2428961098.00000000058AE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
58AE000
|
| Size: |
4096
|
|
|
14E8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523480326.00000000014E8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
14E8000
|
| Size: |
8192
|
|
|
32F9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000032F9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32F9000
|
| Size: |
4096
|
|
|
31EF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000031EF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31EF000
|
| Size: |
4096
|
|
|
EE0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1169772438.0000000000EE0000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
EE0000
|
| Size: |
4096
|
|
|
5900000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1535985332.0000000005900000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5900000
|
| Size: |
57344
|
|
|
30B5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000030B5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30B5000
|
| Size: |
4096
|
|
|
319A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000319A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
319A000
|
| Size: |
4096
|
|
|
34EB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.00000000034EB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
34EB000
|
| Size: |
12288
|
|
|
351F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000351F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
351F000
|
| Size: |
20480
|
|
|
3414000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003414000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3414000
|
| Size: |
36864
|
|
|
3409000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003409000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3409000
|
| Size: |
12288
|
|
|
32D9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.00000000032D9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32D9000
|
| Size: |
8192
|
|
|
3348000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003348000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3348000
|
| Size: |
12288
|
|
|
1204000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1521448480.0000000001204000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1204000
|
| Size: |
4096
|
|
|
1EBA1140000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1412145727.000001EBA1140000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1EBA1140000
|
| Size: |
4096
|
|
|
327D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000327D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
327D000
|
| Size: |
4096
|
|
|
72CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2432926392.00000000072CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
72CE000
|
| Size: |
8192
|
|
|
33FF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.00000000033FF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
33FF000
|
| Size: |
53248
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
35D6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000035D6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
35D6000
|
| Size: |
4096
|
|
|
60750FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1412013325.00000060750FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
60750FF000
|
| Size: |
4096
|
|
|
353A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000353A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
353A000
|
| Size: |
176128
|
|
|
2FD1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.0000000002FD1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FD1000
|
| Size: |
28672
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
34C8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.00000000034C8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
34C8000
|
| Size: |
8192
|
|
|
4341000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2426906098.0000000004341000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4341000
|
| Size: |
20480
|
|
|
395B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000395B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
395B000
|
| Size: |
4096
|
|
|
30DF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.00000000030DF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30DF000
|
| Size: |
4096
|
|
|
38F8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000038F8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38F8000
|
| Size: |
12288
|
|
|
3732000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003732000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3732000
|
| Size: |
4096
|
|
|
3631000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003631000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3631000
|
| Size: |
98304
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
|
|
36FA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000036FA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36FA000
|
| Size: |
4096
|
|
|
338C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.000000000338C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
338C000
|
| Size: |
8192
|
|
|
35C7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000035C7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
35C7000
|
| Size: |
57344
|
|
|
69EE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1303798334.00000000069EE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
69EE000
|
| Size: |
106496
|
|
|
33B1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000033B1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
33B1000
|
| Size: |
12288
|
|
|
3719000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003719000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3719000
|
| Size: |
12288
|
|
|
33CA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000033CA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
33CA000
|
| Size: |
4096
|
|
|
69A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2432391700.00000000069A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
69A0000
|
| Size: |
45056
|
|
|
38BC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000038BC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38BC000
|
| Size: |
20480
|
|
|
1580000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523506640.0000000001580000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1580000
|
| Size: |
65536
|
|
|
14A3000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2420765938.00000000014A3000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
14A3000
|
| Size: |
4096
|
|
|
3717000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003717000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3717000
|
| Size: |
4096
|
|
|
5E30000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.2430489428.0000000005E30000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5E30000
|
| Size: |
65536
|
|
|
58B6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2428961098.00000000058B6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
58B6000
|
| Size: |
16384
|
|
|
39DC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000039DC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39DC000
|
| Size: |
4096
|
|
|
343B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000343B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
343B000
|
| Size: |
4096
|
|
|
346D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000346D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
346D000
|
| Size: |
4096
|
|
|
3210000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003210000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3210000
|
| Size: |
4096
|
|
|
37E7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000037E7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37E7000
|
| Size: |
4096
|
|
|
3035000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003035000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3035000
|
| Size: |
4096
|
|
|
33F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000033F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
33F0000
|
| Size: |
4096
|
|
|
316E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000316E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
316E000
|
| Size: |
4096
|
|
|
367A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000367A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
367A000
|
| Size: |
4096
|
|
|
4365000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2426906098.0000000004365000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4365000
|
| Size: |
12288
|
|
|
33EA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000033EA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
33EA000
|
| Size: |
4096
|
|
|
3678000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003678000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3678000
|
| Size: |
4096
|
|
|
6D38000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2432159049.0000000006D38000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6D38000
|
| Size: |
4096
|
|
|
3676000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003676000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3676000
|
| Size: |
4096
|
|
|
1EBA1350000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1412351625.000001EBA1350000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1EBA1350000
|
| Size: |
4096
|
|
|
4269000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2426906098.0000000004269000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4269000
|
| Size: |
4096
|
|
|
601E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1537055811.000000000601E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
601E000
|
| Size: |
8192
|
|
|
309E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000309E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
309E000
|
| Size: |
4096
|
|
|
36B6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000036B6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36B6000
|
| Size: |
4096
|
|
|
31FB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000031FB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31FB000
|
| Size: |
4096
|
|
|
1220000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1521548913.0000000001220000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1220000
|
| Size: |
4096
|
|
|
15B0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2419516431.00000000015B0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
15B0000
|
| Size: |
8192
|
|
|
5500000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2429322630.0000000005500000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5500000
|
| Size: |
45056
|
|
|
3225000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003225000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3225000
|
| Size: |
4096
|
|
|
14C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2421101195.00000000014C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
14C0000
|
| Size: |
4096
|
|
|
306C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000306C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
306C000
|
| Size: |
4096
|
|
|
391C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000391C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
391C000
|
| Size: |
36864
|
|
|
44EE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2426906098.00000000044EE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
44EE000
|
| Size: |
4096
|
|
|
401E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2427525890.000000000401E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
401E000
|
| Size: |
20480
|
|
|
3381000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003381000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3381000
|
| Size: |
4096
|
|
|
30B2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.00000000030B2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30B2000
|
| Size: |
4096
|
|
|
3115000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003115000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3115000
|
| Size: |
8192
|
|
|
3693000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003693000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3693000
|
| Size: |
12288
|
|
|
334E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000334E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
334E000
|
| Size: |
4096
|
|
|
31B0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290237250.00000000031B0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31B0000
|
| Size: |
65536
|
|
|
3185000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003185000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3185000
|
| Size: |
4096
|
|
|
3A12000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003A12000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A12000
|
| Size: |
4096
|
|
|
352D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000352D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
352D000
|
| Size: |
4096
|
|
|
35F5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000035F5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
35F5000
|
| Size: |
4096
|
|
|
30E3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.00000000030E3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30E3000
|
| Size: |
4096
|
|
|
3392000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.0000000003392000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3392000
|
| Size: |
4096
|
|
|
65A0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1301884276.00000000065A0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
65A0000
|
| Size: |
65536
|
|
|
364A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000364A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
364A000
|
| Size: |
4096
|
|
|
32B1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000032B1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32B1000
|
| Size: |
4096
|
|
|
3A60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003A60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A60000
|
| Size: |
4096
|
|
|
3447000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003447000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3447000
|
| Size: |
4096
|
|
|
37B2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000037B2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37B2000
|
| Size: |
4096
|
|
|
32FD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000032FD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32FD000
|
| Size: |
4096
|
|
|
35FD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000035FD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
35FD000
|
| Size: |
32768
|
|
|
31E1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000031E1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31E1000
|
| Size: |
53248
|
|
|
5BDE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1299470653.0000000005BDE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5BDE000
|
| Size: |
8192
|
|
|
5E20000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.2430402632.0000000005E20000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5E20000
|
| Size: |
65536
|
|
|
3667000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003667000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3667000
|
| Size: |
40960
|
|
|
5964000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2429863744.0000000005964000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5964000
|
| Size: |
4096
|
|
|
31F7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000031F7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31F7000
|
| Size: |
4096
|
|
|
58E0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2429569872.00000000058E0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
58E0000
|
| Size: |
49152
|
|
|
EE2000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1169797401.0000000000EE2000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
EE2000
|
| Size: |
1224704
|
|
|
30E0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000030E0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30E0000
|
| Size: |
53248
|
|
|
360C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000360C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
360C000
|
| Size: |
12288
|
|
|
30B8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.00000000030B8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30B8000
|
| Size: |
12288
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
343F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000343F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
343F000
|
| Size: |
4096
|
|
|
39DA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000039DA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39DA000
|
| Size: |
4096
|
|
|
19A4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422424246.00000000019A4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
19A4000
|
| Size: |
4096
|
|
|
65DD000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2431648341.00000000065DD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
65DD000
|
| Size: |
12288
|
|
|
4FCE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1535432016.0000000004FCE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4FCE000
|
| Size: |
8192
|
|
|
34F5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000034F5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
34F5000
|
| Size: |
12288
|
|
|
69ED000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2431750583.00000000069ED000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
69ED000
|
| Size: |
12288
|
|
|
6966000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2432237385.0000000006966000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6966000
|
| Size: |
4096
|
|
|
1EBA1353000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1412351625.000001EBA1353000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1EBA1353000
|
| Size: |
32768
|
|
|
36E5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000036E5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36E5000
|
| Size: |
4096
|
|
|
322D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000322D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
322D000
|
| Size: |
4096
|
|
|
3081000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003081000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3081000
|
| Size: |
4096
|
|
|
18FB000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.2421915153.00000000018FB000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
18FB000
|
| Size: |
4096
|
|
|
6555000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2430749983.0000000006555000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6555000
|
| Size: |
65536
|
|
|
322F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000322F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
322F000
|
| Size: |
4096
|
|
|
38DF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000038DF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38DF000
|
| Size: |
4096
|
|
|
3290000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003290000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3290000
|
| Size: |
4096
|
|
|
1B70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290172552.0000000001B70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B70000
|
| Size: |
65536
|
|
|
53CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1535513653.00000000053CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
53CE000
|
| Size: |
8192
|
|
|
14A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2420726640.00000000014A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
14A0000
|
| Size: |
8192
|
|
|
6920000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2431985681.0000000006920000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
6920000
|
| Size: |
65536
|
|
|
30B9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000030B9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30B9000
|
| Size: |
4096
|
|
|
339F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.000000000339F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
339F000
|
| Size: |
81920
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
64B0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1538169362.00000000064B0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
64B0000
|
| Size: |
131072
|
|
|
4382000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2426906098.0000000004382000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4382000
|
| Size: |
12288
|
|
|
6DC0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2432688951.0000000006DC0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6DC0000
|
| Size: |
45056
|
|
|
4214000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2427525890.0000000004214000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4214000
|
| Size: |
8192
|
|
|
1510000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2421736311.0000000001510000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1510000
|
| Size: |
65536
|
|
|
16D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1289695539.00000000016D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16D0000
|
| Size: |
36864
|
|
|
6160000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1537731211.0000000006160000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6160000
|
| Size: |
65536
|
|
|
1500000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2421579608.0000000001500000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
1500000
|
| Size: |
65536
|
|
|
39F1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000039F1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39F1000
|
| Size: |
4096
|
|
|
311C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.000000000311C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
311C000
|
| Size: |
45056
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
415000
|
remote allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2416368025.0000000000415000.00000040.00000400.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
remote allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
415000
|
| Size: |
49152
|
|
|
4401000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1297862990.0000000004401000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4401000
|
| Size: |
24576
|
|
|
30B0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.00000000030B0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30B0000
|
| Size: |
4096
|
|
|
5970000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2430039211.0000000005970000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5970000
|
| Size: |
4096
|
|
|
38F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000038F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38F0000
|
| Size: |
4096
|
|
|
3346000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003346000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3346000
|
| Size: |
4096
|
|
|
6930000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2432087545.0000000006930000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
6930000
|
| Size: |
65536
|
|
|
3170000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003170000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3170000
|
| Size: |
4096
|
|
|
445D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2426906098.000000000445D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
445D000
|
| Size: |
8192
|
|
|
35A1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000035A1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
35A1000
|
| Size: |
36864
|
|
|
3A27000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003A27000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A27000
|
| Size: |
4096
|
|
|
1990000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422293663.0000000001990000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1990000
|
| Size: |
65536
|
|
|
3071000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003071000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3071000
|
| Size: |
20480
|
|
|
3A1B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003A1B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A1B000
|
| Size: |
4096
|
|
|
10B7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2418146566.00000000010B7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
10B7000
|
| Size: |
36864
|
|
|
32CA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000032CA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32CA000
|
| Size: |
4096
|
|
|
2FF3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.0000000002FF3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FF3000
|
| Size: |
4096
|
|
|
37E3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000037E3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37E3000
|
| Size: |
4096
|
|
|
32CB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.00000000032CB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32CB000
|
| Size: |
12288
|
|
|
38A3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000038A3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38A3000
|
| Size: |
12288
|
|
|
3A6C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003A6C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A6C000
|
| Size: |
24576
|
|
|
6074DFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1411960205.0000006074DFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6074DFE000
|
| Size: |
8192
|
|
|
34FE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000034FE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
34FE000
|
| Size: |
53248
|
|
|
1EBA1570000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1412526730.000001EBA1570000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1EBA1570000
|
| Size: |
16384
|
|
|
564F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1535619882.000000000564F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
564F000
|
| Size: |
4096
|
|
|
3763000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003763000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3763000
|
| Size: |
4096
|
|
|
3248000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003248000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3248000
|
| Size: |
94208
|
|
|
3782000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003782000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3782000
|
| Size: |
4096
|
|
|
3788000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003788000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3788000
|
| Size: |
4096
|
|
|
550F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2429322630.000000000550F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
550F000
|
| Size: |
4096
|
|
|
3823000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003823000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3823000
|
| Size: |
4096
|
|
|
5890000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2428961098.0000000005890000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5890000
|
| Size: |
32768
|
|
|
395D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000395D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
395D000
|
| Size: |
4096
|
|
|
3331000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003331000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3331000
|
| Size: |
4096
|
|
|
679E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2431820418.000000000679E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
679E000
|
| Size: |
8192
|
|
|
12AF000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1521685174.00000000012AF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12AF000
|
| Size: |
8192
|
|
|
39B6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000039B6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39B6000
|
| Size: |
4096
|
|
|
69B0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2432532707.00000000069B0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
69B0000
|
| Size: |
65536
|
|
|
3124000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003124000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3124000
|
| Size: |
4096
|
|
|
38AD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000038AD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38AD000
|
| Size: |
4096
|
|
|
3A66000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003A66000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A66000
|
| Size: |
4096
|
|
|
318B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000318B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
318B000
|
| Size: |
4096
|
|
|
32AF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000032AF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32AF000
|
| Size: |
4096
|
|
|
1240000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1521685174.0000000001240000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1240000
|
| Size: |
24576
|
|
|
376B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000376B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
376B000
|
| Size: |
4096
|
|
|
676E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2431584863.000000000676E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
676E000
|
| Size: |
8192
|
|
|
124E000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1521685174.000000000124E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
124E000
|
| Size: |
98304
|
|
|
5FDE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1299889134.0000000005FDE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5FDE000
|
| Size: |
8192
|
|
|
5DB0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1299599840.0000000005DB0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5DB0000
|
| Size: |
65536
|
|
|
342C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000342C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
342C000
|
| Size: |
4096
|
|
|
3579000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003579000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3579000
|
| Size: |
4096
|
|
|
6107000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1537297441.0000000006107000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6107000
|
| Size: |
36864
|
|
|
2F1B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2422379693.0000000002F1B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F1B000
|
| Size: |
8192
|
|
|
343A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.000000000343A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
343A000
|
| Size: |
61440
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3935000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003935000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3935000
|
| Size: |
45056
|
|
|
31F1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000031F1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31F1000
|
| Size: |
4096
|
|
|
3027000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003027000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3027000
|
| Size: |
4096
|
|
|
36B2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000036B2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36B2000
|
| Size: |
4096
|
|
|
361B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000361B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
361B000
|
| Size: |
45056
|
|
|
35F3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000035F3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
35F3000
|
| Size: |
4096
|
|
|
3A46000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003A46000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A46000
|
| Size: |
94208
|
|
|
1602000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1289579376.0000000001602000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1602000
|
| Size: |
4096
|
|
|
3394000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.0000000003394000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3394000
|
| Size: |
4096
|
|
|
3722000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003722000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3722000
|
| Size: |
36864
|
|
|
39DE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000039DE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39DE000
|
| Size: |
4096
|
|
|
629F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2430773408.000000000629F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
629F000
|
| Size: |
4096
|
|
|
6573000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2430749983.0000000006573000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6573000
|
| Size: |
249856
|
|
|
308C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000308C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
308C000
|
| Size: |
20480
|
|
|
1090000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2417761747.0000000001090000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1090000
|
| Size: |
8192
|
|
|
3594000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003594000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3594000
|
| Size: |
4096
|
|
|
3150000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.0000000003150000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3150000
|
| Size: |
57344
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
5DE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1299750211.0000000005DE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5DE0000
|
| Size: |
12288
|
|
|
1EBA1395000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000003.1411735717.000001EBA1395000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1EBA1395000
|
| Size: |
155648
|
|
|
33EE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000033EE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
33EE000
|
| Size: |
4096
|
|
|
3943000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003943000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3943000
|
| Size: |
4096
|
|
|
11AB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1289308796.00000000011AB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
11AB000
|
| Size: |
20480
|
|
|
3A25000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003A25000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A25000
|
| Size: |
4096
|
|
|
3F89000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2427525890.0000000003F89000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3F89000
|
| Size: |
4096
|
|
|
1200000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1521410957.0000000001200000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1200000
|
| Size: |
12288
|
|
|
379F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000379F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
379F000
|
| Size: |
12288
|
|
|
38CA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000038CA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38CA000
|
| Size: |
4096
|
|
|
3877000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003877000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3877000
|
| Size: |
4096
|
|
|
38D9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000038D9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38D9000
|
| Size: |
4096
|
|
|
3207000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.0000000003207000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3207000
|
| Size: |
8192
|
|
|
310B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000310B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
310B000
|
| Size: |
4096
|
|
|
3799000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003799000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3799000
|
| Size: |
4096
|
|
|
30BD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.00000000030BD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30BD000
|
| Size: |
81920
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
1910000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2421956136.0000000001910000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1910000
|
| Size: |
4096
|
|
|
5FCF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1536643018.0000000005FCF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5FCF000
|
| Size: |
4096
|
|
|
426B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2426906098.000000000426B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
426B000
|
| Size: |
8192
|
|
|
58D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2429433539.00000000058D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
58D0000
|
| Size: |
4096
|
|
|
18F2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2421818224.00000000018F2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18F2000
|
| Size: |
4096
|
|
|
39F5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000039F5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39F5000
|
| Size: |
4096
|
|
|
3967000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003967000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3967000
|
| Size: |
4096
|
|
|
1590000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1289392414.0000000001590000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1590000
|
| Size: |
16384
|
|
|
6D60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2432469279.0000000006D60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6D60000
|
| Size: |
8192
|
|
|
3A14000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003A14000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A14000
|
| Size: |
4096
|
|
|
39EF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000039EF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39EF000
|
| Size: |
4096
|
|
|
6010000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1537055811.0000000006010000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6010000
|
| Size: |
4096
|
|
|
596A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2429863744.000000000596A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
596A000
|
| Size: |
24576
|
|
|
3413000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.0000000003413000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3413000
|
| Size: |
36864
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
12F9000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1521685174.00000000012F9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12F9000
|
| Size: |
286720
|
|
|
3337000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003337000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3337000
|
| Size: |
4096
|
|
|
5F9E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1536565665.0000000005F9E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5F9E000
|
| Size: |
8192
|
|
|
413000
|
remote allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2416368025.0000000000413000.00000040.00000400.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
remote allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
413000
|
| Size: |
4096
|
|
|
30AA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.00000000030AA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30AA000
|
| Size: |
8192
|
|
|
38B4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000038B4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38B4000
|
| Size: |
28672
|
|
|
395F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000395F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
395F000
|
| Size: |
4096
|
|
|
3244000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003244000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3244000
|
| Size: |
4096
|
|
|
10D5000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1521335641.00000000010D5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10D5000
|
| Size: |
12288
|
|
|
5C9E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2430142769.0000000005C9E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5C9E000
|
| Size: |
8192
|
|
|
3915000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003915000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3915000
|
| Size: |
4096
|
|
|
3294000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003294000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3294000
|
| Size: |
4096
|
|
|
5410000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2429222041.0000000005410000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
5410000
|
| Size: |
4096
|
|
|
105E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1521273434.000000000105E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
105E000
|
| Size: |
8192
|
|
|
545E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2429267290.000000000545E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
545E000
|
| Size: |
8192
|
|
|
6012000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1537055811.0000000006012000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6012000
|
| Size: |
40960
|
|
|
3118000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003118000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3118000
|
| Size: |
45056
|
|
|
40B2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2427525890.00000000040B2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
40B2000
|
| Size: |
4096
|
|
|
18EA000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.2421699157.00000000018EA000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
18EA000
|
| Size: |
8192
|
|
|
5E26000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1536189697.0000000005E26000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5E26000
|
| Size: |
40960
|
|
|
12E3000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1521685174.00000000012E3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E3000
|
| Size: |
12288
|
|
|
30AE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.00000000030AE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30AE000
|
| Size: |
4096
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
42CE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2426906098.00000000042CE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
42CE000
|
| Size: |
8192
|
|
|
43A000
|
remote allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.2416350744.000000000043A000.00000040.00000400.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
remote allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
43A000
|
| Size: |
4096
|
|
|
F57000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2417562048.0000000000F57000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
F57000
|
| Size: |
36864
|
|
|
3512000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003512000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3512000
|
| Size: |
4096
|
|
|
38F4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000038F4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38F4000
|
| Size: |
4096
|
|
|
1705000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1289695539.0000000001705000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1705000
|
| Size: |
49152
|
|
|
310F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000310F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
310F000
|
| Size: |
4096
|
|
|
3273000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003273000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3273000
|
| Size: |
4096
|
|
|
317F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000317F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
317F000
|
| Size: |
20480
|
|
|
3F81000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2427525890.0000000003F81000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3F81000
|
| Size: |
28672
|
|
|
534E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1535454867.000000000534E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
534E000
|
| Size: |
8192
|
|
|
656A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2430749983.000000000656A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
656A000
|
| Size: |
4096
|
|
|
15D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2419801823.00000000015D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
15D0000
|
| Size: |
24576
|
|
|
439B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2426906098.000000000439B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
439B000
|
| Size: |
4096
|
|
|
54FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1299250232.00000000054FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
54FE000
|
| Size: |
8192
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.2416350744.0000000000400000.00000040.00000400.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
remote allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
400000
|
| Size: |
4096
|
|
|
3978000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003978000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3978000
|
| Size: |
4096
|
|
|
122A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1521598411.000000000122A000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
122A000
|
| Size: |
4096
|
|
|
3323000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.0000000003323000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3323000
|
| Size: |
65536
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
5FE0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1536708989.0000000005FE0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5FE0000
|
| Size: |
65536
|
|
|
3715000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003715000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3715000
|
| Size: |
4096
|
|
|
383E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000383E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
383E000
|
| Size: |
4096
|
|
|
334B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.000000000334B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
334B000
|
| Size: |
73728
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3575000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003575000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3575000
|
| Size: |
4096
|
|
|
3020000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003020000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3020000
|
| Size: |
4096
|
|
|
686E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2431620731.000000000686E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
686E000
|
| Size: |
8192
|
|
|
3037000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003037000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3037000
|
| Size: |
4096
|
|
|
33BD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.00000000033BD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
33BD000
|
| Size: |
8192
|
|
|
3612000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003612000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3612000
|
| Size: |
4096
|
|
|
362F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000362F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
362F000
|
| Size: |
4096
|
|
|
38C8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000038C8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38C8000
|
| Size: |
4096
|
|
|
66C0000
|
trusted library section
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1303196281.00000000066C0000.00000004.08000000.00040000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page read and write
|
| Base address: |
66C0000
|
| Size: |
323584
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
18E2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2421582490.00000000018E2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18E2000
|
| Size: |
4096
|
|
|
3991000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003991000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3991000
|
| Size: |
4096
|
|
|
15ED000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1289487209.00000000015ED000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
15ED000
|
| Size: |
4096
|
|
|
5520000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2429688843.0000000005520000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5520000
|
| Size: |
65536
|
|
|
1769000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1289695539.0000000001769000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1769000
|
| Size: |
16384
|
|
|
196E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422072306.000000000196E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
196E000
|
| Size: |
8192
|
|
|
3A0C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003A0C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A0C000
|
| Size: |
4096
|
|
|
3077000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003077000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3077000
|
| Size: |
28672
|
|
|
31DE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000031DE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31DE000
|
| Size: |
4096
|
|
|
6074CFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1411937261.0000006074CFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6074CFE000
|
| Size: |
8192
|
|
|
1150000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2419123985.0000000001150000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1150000
|
| Size: |
20480
|
|
|
31C3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000031C3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31C3000
|
| Size: |
98304
|
|
|
380A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000380A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
380A000
|
| Size: |
4096
|
|
|
387F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000387F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
387F000
|
| Size: |
32768
|
|
|
3313000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.0000000003313000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3313000
|
| Size: |
4096
|
|
|
149E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523286853.000000000149E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
149E000
|
| Size: |
8192
|
|
|
3495000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003495000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3495000
|
| Size: |
45056
|
|
|
6D50000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.2432364346.0000000006D50000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
6D50000
|
| Size: |
65536
|
|
|
18DD000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.2421498841.00000000018DD000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
18DD000
|
| Size: |
4096
|
|
|
4289000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2426906098.0000000004289000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4289000
|
| Size: |
192512
|
|
|
31E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290291873.00000000031E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
31E0000
|
| Size: |
4096
|
|
|
34BC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000034BC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
34BC000
|
| Size: |
4096
|
|
|
309C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000309C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
309C000
|
| Size: |
4096
|
|
|
36D3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000036D3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36D3000
|
| Size: |
45056
|
|
|
40B6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2427525890.00000000040B6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
40B6000
|
| Size: |
8192
|
|
|
3F7A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1534510906.0000000003F7A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3F7A000
|
| Size: |
4096
|
|
|
348A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000348A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
348A000
|
| Size: |
4096
|
|
|
34E0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000034E0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
34E0000
|
| Size: |
4096
|
|
|
30DB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000030DB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30DB000
|
| Size: |
4096
|
|
|
1700000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.2421140160.0000000001700000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
1700000
|
| Size: |
32768
|
|
|
32B5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000032B5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32B5000
|
| Size: |
4096
|
|
|
34DC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000034DC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
34DC000
|
| Size: |
4096
|
|
|
533C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2428693418.000000000533C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
533C000
|
| Size: |
16384
|
|
|
6A09000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1303798334.0000000006A09000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6A09000
|
| Size: |
200704
|
|
|
339E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000339E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
339E000
|
| Size: |
4096
|
|
|
398F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000398F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
398F000
|
| Size: |
4096
|
|
|
32F5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000032F5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32F5000
|
| Size: |
4096
|
|
|
18F7000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.2421862020.00000000018F7000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
18F7000
|
| Size: |
4096
|
|
|
38FD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000038FD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38FD000
|
| Size: |
12288
|
|
|
34EF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.00000000034EF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
34EF000
|
| Size: |
503808
|
|
|
40ED000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2427525890.00000000040ED000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
40ED000
|
| Size: |
4096
|
|
|
3240000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003240000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3240000
|
| Size: |
12288
|
|
|
36E1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000036E1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36E1000
|
| Size: |
4096
|
|
|
3892000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003892000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3892000
|
| Size: |
4096
|
|
|
32B3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.00000000032B3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32B3000
|
| Size: |
28672
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
331A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000331A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
331A000
|
| Size: |
12288
|
|
|
334C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000334C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
334C000
|
| Size: |
4096
|
|
|
2F2E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2422379693.0000000002F2E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F2E000
|
| Size: |
4096
|
|
|
34E3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000034E3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
34E3000
|
| Size: |
53248
|
|
|
3963000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003963000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3963000
|
| Size: |
4096
|
|
|
421000
|
remote allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.2416350744.0000000000421000.00000040.00000400.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
remote allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
421000
|
| Size: |
4096
|
|
|
1780000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1289695539.0000000001780000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1780000
|
| Size: |
323584
|
|
|
3130000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003130000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3130000
|
| Size: |
4096
|
|
|
3A2B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003A2B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A2B000
|
| Size: |
4096
|
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2416368025.0000000000402000.00000040.00000400.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
remote allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
402000
|
| Size: |
65536
|
|
|
550D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2429322630.000000000550D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
550D000
|
| Size: |
4096
|
|
|
362D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000362D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
362D000
|
| Size: |
4096
|
|
|
14D9000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523424691.00000000014D9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D9000
|
| Size: |
12288
|
|
|
32DD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.00000000032DD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32DD000
|
| Size: |
24576
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
303D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000303D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
303D000
|
| Size: |
61440
|
|
|
1980000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.2422196382.0000000001980000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
1980000
|
| Size: |
65536
|
|
|
3928000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003928000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3928000
|
| Size: |
4096
|
|
|
3292000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003292000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3292000
|
| Size: |
4096
|
|
|
35DC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000035DC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
35DC000
|
| Size: |
4096
|
|
|
3A64000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003A64000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A64000
|
| Size: |
4096
|
|
|
64B0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1301282442.00000000064B0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
64B0000
|
| Size: |
65536
|
|
|
3191000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003191000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3191000
|
| Size: |
32768
|
|
|
3699000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003699000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3699000
|
| Size: |
4096
|
|
|
2F1E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2422379693.0000000002F1E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F1E000
|
| Size: |
57344
|
|
|
2D0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2421952828.0000000002D0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2D0E000
|
| Size: |
8192
|
|
|
3126000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003126000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3126000
|
| Size: |
4096
|
|
|
6470000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1301105607.0000000006470000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
6470000
|
| Size: |
32768
|
|
|
331F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.000000000331F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
331F000
|
| Size: |
4096
|
|
|
388C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000388C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
388C000
|
| Size: |
4096
|
|
|
34F1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000034F1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
34F1000
|
| Size: |
12288
|
|
|
313F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000313F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
313F000
|
| Size: |
94208
|
|
|
3713000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003713000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3713000
|
| Size: |
4096
|
|
|
31BD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000031BD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31BD000
|
| Size: |
4096
|
|
|
1713000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1289695539.0000000001713000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1713000
|
| Size: |
319488
|
|
|
2EC0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1523745153.0000000002EC0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
2EC0000
|
| Size: |
4096
|
|
|
36ED000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000036ED000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36ED000
|
| Size: |
40960
|
|
|
4251000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2427525890.0000000004251000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4251000
|
| Size: |
8192
|
|
|
6A2E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2431798763.0000000006A2E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6A2E000
|
| Size: |
8192
|
|
|
672F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2431550061.000000000672F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
672F000
|
| Size: |
4096
|
|
|
302D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000302D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
302D000
|
| Size: |
20480
|
|
|
3135000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003135000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3135000
|
| Size: |
4096
|
|
|
3281000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003281000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3281000
|
| Size: |
49152
|
|
|
32C4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000032C4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32C4000
|
| Size: |
12288
|
|
|
372C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000372C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
372C000
|
| Size: |
12288
|
|
|
3896000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003896000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3896000
|
| Size: |
4096
|
|
|
60755FB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1412119141.00000060755FB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
60755FB000
|
| Size: |
20480
|
|
|
3306000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.0000000003306000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3306000
|
| Size: |
8192
|
|
|
348E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000348E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
348E000
|
| Size: |
4096
|
|
|
38DD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000038DD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38DD000
|
| Size: |
4096
|
|
|
6970000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1303640436.0000000006970000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
6970000
|
| Size: |
131072
|
|
|
39B4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000039B4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39B4000
|
| Size: |
4096
|
|
|
3516000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003516000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3516000
|
| Size: |
4096
|
|
|
3142000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.0000000003142000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3142000
|
| Size: |
53248
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
33FD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000033FD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
33FD000
|
| Size: |
36864
|
|
|
3A40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003A40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A40000
|
| Size: |
4096
|
|
|
16C0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1289678290.00000000016C0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
16C0000
|
| Size: |
65536
|
|
|
71CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2432876144.00000000071CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
71CF000
|
| Size: |
4096
|
|
|
336F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.000000000336F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
336F000
|
| Size: |
77824
|
|
|
1450000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523249021.0000000001450000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1450000
|
| Size: |
4096
|
|
|
30D9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000030D9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30D9000
|
| Size: |
4096
|
|
|
2F0C000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2422296772.0000000002F0C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2F0C000
|
| Size: |
16384
|
|
|
3919000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003919000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3919000
|
| Size: |
8192
|
|
|
3682000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003682000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3682000
|
| Size: |
40960
|
|
|
3051000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003051000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3051000
|
| Size: |
4096
|
|
|
32E4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000032E4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32E4000
|
| Size: |
4096
|
|
|
3227000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003227000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3227000
|
| Size: |
4096
|
|
|
65D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1302124860.00000000065D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
65D0000
|
| Size: |
53248
|
|
|
3021000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.0000000003021000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3021000
|
| Size: |
4096
|
|
|
337F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000337F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
337F000
|
| Size: |
4096
|
|
|
38E2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000038E2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38E2000
|
| Size: |
36864
|
|
|
357B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000357B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
357B000
|
| Size: |
4096
|
|
|
3804000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003804000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3804000
|
| Size: |
4096
|
|
|
1970000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422145804.0000000001970000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1970000
|
| Size: |
4096
|
|
|
30B1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000030B1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30B1000
|
| Size: |
4096
|
|
|
1607000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1289591134.0000000001607000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
1607000
|
| Size: |
4096
|
|
|
5DA5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1299561917.0000000005DA5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5DA5000
|
| Size: |
36864
|
|
|
3A62000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003A62000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A62000
|
| Size: |
4096
|
|
|
10AC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1289273236.00000000010AC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
10AC000
|
| Size: |
16384
|
|
|
3210000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.0000000003210000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3210000
|
| Size: |
503808
|
|
|
1600000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1289566989.0000000001600000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1600000
|
| Size: |
4096
|
|
|
13F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2417854155.00000000013F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
13F0000
|
| Size: |
8192
|
|
|
3279000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003279000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3279000
|
| Size: |
4096
|
|
|
12EB000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2419510014.00000000012EB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12EB000
|
| Size: |
4096
|
|
|
32B3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000032B3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32B3000
|
| Size: |
4096
|
|
|
38F6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000038F6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38F6000
|
| Size: |
4096
|
|
|
31E9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.00000000031E9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31E9000
|
| Size: |
8192
|
|
|
6620000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1302557825.0000000006620000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6620000
|
| Size: |
65536
|
|
|
31F3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.00000000031F3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31F3000
|
| Size: |
8192
|
|
|
3033000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003033000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3033000
|
| Size: |
4096
|
|
|
3316000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003316000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3316000
|
| Size: |
4096
|
|
|
3383000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003383000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3383000
|
| Size: |
4096
|
|
|
6D2E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2432087390.0000000006D2E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6D2E000
|
| Size: |
8192
|
|
|
3A2F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003A2F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A2F000
|
| Size: |
4096
|
|
|
3525000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003525000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3525000
|
| Size: |
4096
|
|
|
34A9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000034A9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
34A9000
|
| Size: |
12288
|
|
|
5FC0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1536643018.0000000005FC0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5FC0000
|
| Size: |
16384
|
|
|
3529000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003529000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3529000
|
| Size: |
4096
|
|
|
31F3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000031F3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31F3000
|
| Size: |
4096
|
|
|
369B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000369B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
369B000
|
| Size: |
4096
|
|
|
31BB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000031BB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31BB000
|
| Size: |
4096
|
|
|
34A1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000034A1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
34A1000
|
| Size: |
4096
|
|
|
365B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000365B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
365B000
|
| Size: |
4096
|
|
|
64C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1301332777.00000000064C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
64C0000
|
| Size: |
65536
|
|
|
35C5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000035C5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
35C5000
|
| Size: |
4096
|
|
|
320C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000320C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
320C000
|
| Size: |
4096
|
|
|
32E7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000032E7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32E7000
|
| Size: |
53248
|
|
|
378B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000378B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
378B000
|
| Size: |
53248
|
|
|
33CC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000033CC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
33CC000
|
| Size: |
12288
|
|
|
332D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000332D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
332D000
|
| Size: |
12288
|
|
|
3318000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290463022.0000000003318000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3318000
|
| Size: |
8192
|
|
|
34DE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000034DE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
34DE000
|
| Size: |
4096
|
|
|
1210000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1521482614.0000000001210000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1210000
|
| Size: |
40960
|
|
|
3039000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.0000000003039000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3039000
|
| Size: |
4096
|
|
|
330A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.000000000330A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
330A000
|
| Size: |
8192
|
|
|
3A1D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003A1D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A1D000
|
| Size: |
28672
|
|
|
3221000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003221000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3221000
|
| Size: |
12288
|
|
|
19A6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422424246.00000000019A6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
19A6000
|
| Size: |
40960
|
|
|
3368000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003368000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3368000
|
| Size: |
8192
|
|
|
30AB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000030AB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30AB000
|
| Size: |
20480
|
|
|
3180000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.0000000003180000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3180000
|
| Size: |
348160
|
|
|
38B1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000038B1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38B1000
|
| Size: |
4096
|
|
|
3514000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003514000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3514000
|
| Size: |
4096
|
|
|
15D4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1289446612.00000000015D4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
15D4000
|
| Size: |
4096
|
|
|
3304000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003304000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3304000
|
| Size: |
53248
|
|
|
5DD0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1299705917.0000000005DD0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5DD0000
|
| Size: |
61440
|
|
|
3087000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003087000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3087000
|
| Size: |
4096
|
|
|
15FE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2419801823.00000000015FE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
15FE000
|
| Size: |
45056
|
|
|
3275000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003275000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3275000
|
| Size: |
4096
|
|
|
1520000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2421854308.0000000001520000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1520000
|
| Size: |
16384
|
|
|
33CB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.00000000033CB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
33CB000
|
| Size: |
12288
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
15C4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2419695161.00000000015C4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
15C4000
|
| Size: |
8192
|
|
|
392C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000392C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
392C000
|
| Size: |
4096
|
|
|
2F50000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423081099.0000000002F50000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F50000
|
| Size: |
65536
|
|
|
6110000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1537457651.0000000006110000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6110000
|
| Size: |
24576
|
|
|
36AE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000036AE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36AE000
|
| Size: |
12288
|
|
|
30A4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000030A4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30A4000
|
| Size: |
4096
|
|
|
36FC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000036FC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36FC000
|
| Size: |
4096
|
|
|
34C9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000034C9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
34C9000
|
| Size: |
40960
|
|
|
3109000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003109000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3109000
|
| Size: |
4096
|
|
|
37B8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000037B8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37B8000
|
| Size: |
4096
|
|
|
39FB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000039FB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39FB000
|
| Size: |
57344
|
|
|
33B7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000033B7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
33B7000
|
| Size: |
4096
|
|
|
3661000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003661000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3661000
|
| Size: |
4096
|
|
|
35E0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000035E0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
35E0000
|
| Size: |
4096
|
|
|
41D8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2427525890.00000000041D8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
41D8000
|
| Size: |
4096
|
|
|
5ADE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1299430908.0000000005ADE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5ADE000
|
| Size: |
8192
|
|
|
1EBA1336000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1412301066.000001EBA1336000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1EBA1336000
|
| Size: |
90112
|
|
|
303B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000303B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
303B000
|
| Size: |
4096
|
|
|
37F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000037F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37F0000
|
| Size: |
53248
|
|
|
5780000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2428807016.0000000005780000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5780000
|
| Size: |
4096
|
|
|
39F7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000039F7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39F7000
|
| Size: |
12288
|
|
|
1410000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1289328035.0000000001410000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1410000
|
| Size: |
4096
|
|
|
32F7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000032F7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32F7000
|
| Size: |
4096
|
|
|
331B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.000000000331B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
331B000
|
| Size: |
4096
|
|
|
3A2D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003A2D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A2D000
|
| Size: |
4096
|
|
|
58C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1299322681.00000000058C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
58C0000
|
| Size: |
65536
|
|
|
3759000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003759000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3759000
|
| Size: |
28672
|
|
|
38F2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000038F2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38F2000
|
| Size: |
4096
|
|
|
3262000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003262000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3262000
|
| Size: |
4096
|
|
|
3390000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.0000000003390000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3390000
|
| Size: |
4096
|
|
|
60F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1537235563.00000000060F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
60F0000
|
| Size: |
65536
|
|
|
30FB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000030FB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30FB000
|
| Size: |
28672
|
|
|
322B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000322B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
322B000
|
| Size: |
4096
|
|
|
39E1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000039E1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39E1000
|
| Size: |
4096
|
|
|
6074FFF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1411981000.0000006074FFF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6074FFF000
|
| Size: |
4096
|
|
|
3680000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003680000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3680000
|
| Size: |
4096
|
|
|
3982000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003982000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3982000
|
| Size: |
4096
|
|
|
15FA000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1289552730.00000000015FA000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
15FA000
|
| Size: |
4096
|
|
|
1EBA1395000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1412351625.000001EBA1395000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1EBA1395000
|
| Size: |
155648
|
|
|
2F36000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2422379693.0000000002F36000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F36000
|
| Size: |
16384
|
|
|
64E0000
|
trusted library section
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1301441066.00000000064E0000.00000004.08000000.00040000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page read and write
|
| Base address: |
64E0000
|
| Size: |
393216
|
|
|
5A4E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1536067454.0000000005A4E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5A4E000
|
| Size: |
8192
|
|
|
60752FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1412043113.00000060752FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
60752FE000
|
| Size: |
8192
|
|
|
3159000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003159000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3159000
|
| Size: |
4096
|
|
|
5E1E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2430356541.0000000005E1E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5E1E000
|
| Size: |
8192
|
|
|
3424000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003424000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3424000
|
| Size: |
4096
|
|
|
3FA9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2427525890.0000000003FA9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3FA9000
|
| Size: |
180224
|
|
|
574E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1535640176.000000000574E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
574E000
|
| Size: |
8192
|
|
|
60754FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1412092953.00000060754FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
60754FE000
|
| Size: |
8192
|
|
|
36AC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000036AC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36AC000
|
| Size: |
4096
|
|
|
371D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000371D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
371D000
|
| Size: |
4096
|
|
|
589E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2428961098.000000000589E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
589E000
|
| Size: |
57344
|
|
|
352F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000352F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
352F000
|
| Size: |
40960
|
|
|
33C3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.00000000033C3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
33C3000
|
| Size: |
4096
|
|
|
328E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000328E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
328E000
|
| Size: |
4096
|
|
|
1010000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1521255130.0000000001010000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1010000
|
| Size: |
8192
|
|
|
69E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1303798334.00000000069E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
69E0000
|
| Size: |
12288
|
|
|
2EA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523691930.0000000002EA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EA0000
|
| Size: |
65536
|
|
|
336B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000336B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
336B000
|
| Size: |
45056
|
|
|
3608000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003608000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3608000
|
| Size: |
12288
|
|
|
14C2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2421142788.00000000014C2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
14C2000
|
| Size: |
4096
|
|
|
31C1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000031C1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31C1000
|
| Size: |
4096
|
|
|
377E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000377E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
377E000
|
| Size: |
4096
|
|
|
3560000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003560000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3560000
|
| Size: |
4096
|
|
|
34AD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000034AD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
34AD000
|
| Size: |
57344
|
|
|
2F60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423218928.0000000002F60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F60000
|
| Size: |
49152
|
|
|
1EBA134C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000003.1411711731.000001EBA134C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1EBA134C000
|
| Size: |
8192
|
|
|
34A3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000034A3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
34A3000
|
| Size: |
4096
|
|
|
442B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2426906098.000000000442B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
442B000
|
| Size: |
20480
|
|
|
3863000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003863000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3863000
|
| Size: |
53248
|
|
|
36E3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000036E3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36E3000
|
| Size: |
4096
|
|
|
10C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2418503025.00000000010C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
10C0000
|
| Size: |
65536
|
|
|
3995000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003995000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3995000
|
| Size: |
12288
|
|
|
3A0E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003A0E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A0E000
|
| Size: |
12288
|
|
|
33AF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000033AF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
33AF000
|
| Size: |
4096
|
|
|
3350000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003350000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3350000
|
| Size: |
94208
|
|
|
69AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2431706510.00000000069AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
69AE000
|
| Size: |
8192
|
|
|
64FC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2430668194.00000000064FC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
64FC000
|
| Size: |
4096
|
|
|
651A000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2430877200.000000000651A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
651A000
|
| Size: |
40960
|
|
|
649E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2430850048.000000000649E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
649E000
|
| Size: |
8192
|
|
|
37BC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000037BC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37BC000
|
| Size: |
4096
|
|
|
11DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1521373752.00000000011DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
11DE000
|
| Size: |
8192
|
|
|
364D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000364D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
364D000
|
| Size: |
53248
|
|
|
143F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523206802.000000000143F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
143F000
|
| Size: |
4096
|
|
|
4311000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2426906098.0000000004311000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4311000
|
| Size: |
4096
|
|
|
33FB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.00000000033FB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
33FB000
|
| Size: |
12288
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3969000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003969000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3969000
|
| Size: |
40960
|
|
|
3329000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003329000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3329000
|
| Size: |
4096
|
|
|
30F2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000030F2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30F2000
|
| Size: |
12288
|
|
|
59BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2430045735.00000000059BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
59BF000
|
| Size: |
4096
|
|
|
37AE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000037AE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37AE000
|
| Size: |
12288
|
|
|
5966000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2429863744.0000000005966000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5966000
|
| Size: |
8192
|
|
|
3064000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003064000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3064000
|
| Size: |
4096
|
|
|
3471000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003471000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3471000
|
| Size: |
4096
|
|
|
388E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000388E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
388E000
|
| Size: |
4096
|
|
|
30EE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000030EE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30EE000
|
| Size: |
4096
|
|
|
2ECF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2422250205.0000000002ECF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2ECF000
|
| Size: |
4096
|
|
|
64A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2430877200.00000000064A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
64A0000
|
| Size: |
393216
|
|
|
31FD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000031FD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31FD000
|
| Size: |
49152
|
|
|
6DBF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2432655580.0000000006DBF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6DBF000
|
| Size: |
4096
|
|
|
14D7000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2421402240.00000000014D7000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
14D7000
|
| Size: |
4096
|
|
|
3976000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003976000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3976000
|
| Size: |
4096
|
|
|
35F1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000035F1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
35F1000
|
| Size: |
4096
|
|
|
1618000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2419801823.0000000001618000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1618000
|
| Size: |
176128
|
|
|
34F9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000034F9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
34F9000
|
| Size: |
4096
|
|
|
174E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2421223568.000000000174E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
174E000
|
| Size: |
8192
|
|
|
4042000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2427525890.0000000004042000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4042000
|
| Size: |
12288
|
|
|
40B9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2427525890.00000000040B9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
40B9000
|
| Size: |
8192
|
|
|
1652000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2419801823.0000000001652000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1652000
|
| Size: |
282624
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
43FF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2426906098.00000000043FF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
43FF000
|
| Size: |
4096
|
|
|
39AE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000039AE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39AE000
|
| Size: |
4096
|
|
|
359A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000359A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
359A000
|
| Size: |
4096
|
|
|
14B0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2420935236.00000000014B0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
14B0000
|
| Size: |
45056
|
|
|
451C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2426906098.000000000451C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
451C000
|
| Size: |
20480
|
|
|
3167000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.0000000003167000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3167000
|
| Size: |
28672
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
60E0000
|
trusted library section
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1299941681.00000000060E0000.00000004.08000000.00040000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page read and write
|
| Base address: |
60E0000
|
| Size: |
1093632
|
|
|
1226000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1521581946.0000000001226000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
1226000
|
| Size: |
8192
|
|
|
58F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1535938525.00000000058F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
58F0000
|
| Size: |
8192
|
|
|
3704000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003704000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3704000
|
| Size: |
4096
|
|
|
3702000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003702000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3702000
|
| Size: |
4096
|
|
|
3039000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003039000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3039000
|
| Size: |
4096
|
|
|
1282000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1521685174.0000000001282000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1282000
|
| Size: |
180224
|
|
|
6503000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2430877200.0000000006503000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6503000
|
| Size: |
8192
|
|
|
5A7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2430199584.0000000005A7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5A7E000
|
| Size: |
8192
|
|
|
3767000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003767000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3767000
|
| Size: |
4096
|
|
|
412000
|
remote allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.2416350744.0000000000412000.00000040.00000400.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
remote allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
412000
|
| Size: |
4096
|
|
|
5514000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2429512110.0000000005514000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5514000
|
| Size: |
4096
|
|
|
14AD000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2420879332.00000000014AD000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
14AD000
|
| Size: |
4096
|
|
|
67DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2431852146.00000000067DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
67DE000
|
| Size: |
8192
|
|
|
3629000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003629000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3629000
|
| Size: |
4096
|
|
|
35F7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000035F7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
35F7000
|
| Size: |
4096
|
|
|
3708000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003708000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3708000
|
| Size: |
40960
|
|
|
3930000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003930000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3930000
|
| Size: |
4096
|
|
|
681E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2431896143.000000000681E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
681E000
|
| Size: |
8192
|
|
|
31F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290383511.00000000031F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31F0000
|
| Size: |
65536
|
|
|
18D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2421403416.00000000018D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18D0000
|
| Size: |
28672
|
|
|
342B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.000000000342B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
342B000
|
| Size: |
57344
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3619000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003619000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3619000
|
| Size: |
4096
|
|
|
14DB000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2421457604.00000000014DB000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
14DB000
|
| Size: |
4096
|
|
|
691E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2431933587.000000000691E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
691E000
|
| Size: |
8192
|
|
|
3860000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003860000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3860000
|
| Size: |
4096
|
|
|
6C2E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2432023354.0000000006C2E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6C2E000
|
| Size: |
8192
|
|
|
1267000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1521685174.0000000001267000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1267000
|
| Size: |
102400
|
|
|
3A16000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003A16000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A16000
|
| Size: |
4096
|
|
|
18CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290100603.00000000018CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
18CE000
|
| Size: |
8192
|
|
|
64D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1301383049.00000000064D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
64D0000
|
| Size: |
65536
|
|
|
3411000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003411000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3411000
|
| Size: |
4096
|
|
|
383A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000383A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
383A000
|
| Size: |
4096
|
|
|
6670000
|
trusted library section
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1302840709.0000000006670000.00000004.08000000.00040000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page read and write
|
| Base address: |
6670000
|
| Size: |
286720
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
| URLs found in memory or binary data |
Networking |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
3974000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003974000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3974000
|
| Size: |
4096
|
|
|
376F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000376F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
376F000
|
| Size: |
49152
|
|
|
6180000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1537800794.0000000006180000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6180000
|
| Size: |
57344
|
|
|
5ABE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2430302549.0000000005ABE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5ABE000
|
| Size: |
8192
|
|
|
14B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523403147.00000000014B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14B0000
|
| Size: |
4096
|
|
|
6D40000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.2432243685.0000000006D40000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
6D40000
|
| Size: |
65536
|
|
|
433000
|
remote allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2416368025.0000000000433000.00000040.00000400.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
remote allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
433000
|
| Size: |
8192
|
|
|
3961000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003961000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3961000
|
| Size: |
4096
|
|
|
381B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000381B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
381B000
|
| Size: |
4096
|
|
|
3A18000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003A18000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A18000
|
| Size: |
8192
|
|
|
4473000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2426906098.0000000004473000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4473000
|
| Size: |
12288
|
|
|
3697000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003697000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3697000
|
| Size: |
4096
|
|
|
3490000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003490000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3490000
|
| Size: |
4096
|
|
|
1230000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2419510014.0000000001230000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1230000
|
| Size: |
28672
|
|
|
3562000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003562000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3562000
|
| Size: |
4096
|
|
|
5268000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2428644156.0000000005268000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5268000
|
| Size: |
4096
|
|
|
320A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000320A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
320A000
|
| Size: |
4096
|
|
|
34CD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.00000000034CD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
34CD000
|
| Size: |
12288
|
|
|
1670000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1289644661.0000000001670000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1670000
|
| Size: |
16384
|
|
|
1405000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2417986027.0000000001405000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1405000
|
| Size: |
12288
|
|
|
1400000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2417986027.0000000001400000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1400000
|
| Size: |
16384
|
|
|
5E30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1536370761.0000000005E30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5E30000
|
| Size: |
65536
|
|
|
58D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1535773037.00000000058D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
58D0000
|
| Size: |
32768
|
|
|
3229000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003229000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3229000
|
| Size: |
4096
|
|
|
30DD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000030DD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30DD000
|
| Size: |
4096
|
|
|
13E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2417751449.00000000013E0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
13E0000
|
| Size: |
4096
|
|
|
3765000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003765000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3765000
|
| Size: |
4096
|
|
|
37FE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000037FE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37FE000
|
| Size: |
12288
|
|
|
BCC000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1521185626.0000000000BCC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
BCC000
|
| Size: |
16384
|
|
|
34FB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000034FB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
34FB000
|
| Size: |
4096
|
|
|
15F2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1289518112.00000000015F2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
15F2000
|
| Size: |
4096
|
|
|
3566000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003566000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3566000
|
| Size: |
24576
|
|
|
1248000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1521685174.0000000001248000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1248000
|
| Size: |
16384
|
|
|
3187000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003187000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3187000
|
| Size: |
4096
|
|
|
3085000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003085000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3085000
|
| Size: |
4096
|
|
|
1EBA1510000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1412502668.000001EBA1510000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1EBA1510000
|
| Size: |
4096
|
|
|
1EBA1300000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1412219343.000001EBA1300000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1EBA1300000
|
| Size: |
28672
|
|
|
14A0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1523323506.00000000014A0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
14A0000
|
| Size: |
65536
|
|
|
6532000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2430749983.0000000006532000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6532000
|
| Size: |
16384
|
|
|
387B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000387B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
387B000
|
| Size: |
4096
|
|
|
467E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1297862990.000000000467E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
467E000
|
| Size: |
290816
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
| URLs found in memory or binary data |
Networking |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
FB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2417673385.0000000000FB0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
FB0000
|
| Size: |
4096
|
|
|
6130000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1537594021.0000000006130000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
6130000
|
| Size: |
65536
|
|
|
3598000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003598000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3598000
|
| Size: |
4096
|
|
|
3A44000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003A44000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A44000
|
| Size: |
4096
|
|
|
33AD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000033AD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
33AD000
|
| Size: |
4096
|
|
|
3318000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003318000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3318000
|
| Size: |
4096
|
|
|
594E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1536036003.000000000594E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
594E000
|
| Size: |
8192
|
|
|
14E0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2418311271.00000000014E0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
14E0000
|
| Size: |
8192
|
|
|
1EBA1329000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1412219343.000001EBA1329000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1EBA1329000
|
| Size: |
49152
|
|
|
6940000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2432193643.0000000006940000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6940000
|
| Size: |
8192
|
|
|
1238000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2419510014.0000000001238000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1238000
|
| Size: |
86016
|
|
|
33C1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.00000000033C1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
33C1000
|
| Size: |
4096
|
|
|
3339000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003339000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3339000
|
| Size: |
49152
|
|
|
37DF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000037DF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37DF000
|
| Size: |
12288
|
|
|
310D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000310D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
310D000
|
| Size: |
4096
|
|
|
436C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2426906098.000000000436C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
436C000
|
| Size: |
8192
|
|
|
422000
|
remote allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2416368025.0000000000422000.00000040.00000400.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
remote allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
422000
|
| Size: |
4096
|
|
|
39B0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000039B0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39B0000
|
| Size: |
4096
|
|
|
383C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000383C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
383C000
|
| Size: |
4096
|
|
|
15E0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1289472275.00000000015E0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
15E0000
|
| Size: |
53248
|
|
|
6566000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2430749983.0000000006566000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6566000
|
| Size: |
4096
|
|
|
35AB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000035AB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
35AB000
|
| Size: |
102400
|
|
|
3913000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003913000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3913000
|
| Size: |
4096
|
|
|
33F4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000033F4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
33F4000
|
| Size: |
4096
|
|
|
3301000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003301000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3301000
|
| Size: |
4096
|
|
|
2F31000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2422379693.0000000002F31000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F31000
|
| Size: |
16384
|
|
|
18E6000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.2421640042.00000000018E6000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
18E6000
|
| Size: |
8192
|
|
|
2E5E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523636115.0000000002E5E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2E5E000
|
| Size: |
8192
|
|
|
3022000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003022000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3022000
|
| Size: |
16384
|
|
|
3A6A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003A6A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A6A000
|
| Size: |
4096
|
|
|
33D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000033D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
33D0000
|
| Size: |
4096
|
|
|
3510000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003510000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3510000
|
| Size: |
4096
|
|
|
131C000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2420481454.000000000131C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
131C000
|
| Size: |
77824
|
|
|
15C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2419573843.00000000015C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
15C0000
|
| Size: |
8192
|
|
|
1490000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2420652065.0000000001490000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1490000
|
| Size: |
8192
|
|
|
3A68000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003A68000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A68000
|
| Size: |
4096
|
|
|
3055000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003055000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3055000
|
| Size: |
57344
|
|
|
320E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000320E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
320E000
|
| Size: |
4096
|
|
|
3706000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003706000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3706000
|
| Size: |
4096
|
|
|
33F2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000033F2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
33F2000
|
| Size: |
4096
|
|
|
397E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000397E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
397E000
|
| Size: |
4096
|
|
|
316C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000316C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
316C000
|
| Size: |
4096
|
|
|
37BA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000037BA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37BA000
|
| Size: |
4096
|
|
|
15C3000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.2419645478.00000000015C3000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
15C3000
|
| Size: |
4096
|
|
|
312C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000312C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
312C000
|
| Size: |
4096
|
|
|
10A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2417881914.00000000010A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10A0000
|
| Size: |
16384
|
|
|
5E9E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1536503599.0000000005E9E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5E9E000
|
| Size: |
8192
|
|
|
2F3D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2422379693.0000000002F3D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F3D000
|
| Size: |
69632
|
|
|
3999000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003999000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3999000
|
| Size: |
4096
|
|
|
367E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000367E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
367E000
|
| Size: |
4096
|
|
|
5FB0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1536599060.0000000005FB0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5FB0000
|
| Size: |
28672
|
|
|
369E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000369E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
369E000
|
| Size: |
28672
|
|
|
100E000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1169932223.000000000100E000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
100E000
|
| Size: |
4096
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
|
|
31A8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000031A8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31A8000
|
| Size: |
4096
|
|
|
368D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000368D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
368D000
|
| Size: |
12288
|
|
|
15DD000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1289459917.00000000015DD000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
15DD000
|
| Size: |
4096
|
|
|
36B4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000036B4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36B4000
|
| Size: |
4096
|
|
|
3302000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.0000000003302000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3302000
|
| Size: |
8192
|
|
|
34A5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000034A5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
34A5000
|
| Size: |
4096
|
|
|
3780000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003780000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3780000
|
| Size: |
4096
|
|
|
34D6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000034D6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
34D6000
|
| Size: |
4096
|
|
|
3806000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003806000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3806000
|
| Size: |
4096
|
|
|
392E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000392E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
392E000
|
| Size: |
4096
|
|
|
10A5000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2417881914.00000000010A5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10A5000
|
| Size: |
12288
|
|
|
6710000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1303562824.0000000006710000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6710000
|
| Size: |
4096
|
|
|
33C5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.00000000033C5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
33C5000
|
| Size: |
4096
|
|
|
3068000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003068000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3068000
|
| Size: |
4096
|
|
|
68AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2431668104.00000000068AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
68AE000
|
| Size: |
8192
|
|
|
30A7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000030A7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30A7000
|
| Size: |
12288
|
|
|
37ED000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000037ED000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37ED000
|
| Size: |
4096
|
|
|
1110000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2418994396.0000000001110000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1110000
|
| Size: |
16384
|
|
|
15C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1289408667.00000000015C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
15C0000
|
| Size: |
8192
|
|
|
6994000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2432283427.0000000006994000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6994000
|
| Size: |
36864
|
|
|
14BD000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2421059425.00000000014BD000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
14BD000
|
| Size: |
4096
|
|
|
607492A000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1411911428.000000607492A000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
607492A000
|
| Size: |
24576
|
|
|
341D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.000000000341D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
341D000
|
| Size: |
53248
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3582000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003582000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3582000
|
| Size: |
53248
|
|
|
3926000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003926000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3926000
|
| Size: |
4096
|
|
|
5AE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2430648692.0000000005AE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5AE0000
|
| Size: |
65536
|
|
|
3428000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003428000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3428000
|
| Size: |
4096
|
|
|
3031000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.0000000003031000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3031000
|
| Size: |
4096
|
|
|
3312000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003312000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3312000
|
| Size: |
4096
|
|
|
31AF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000031AF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31AF000
|
| Size: |
12288
|
|
|
38C4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000038C4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38C4000
|
| Size: |
12288
|
|
|
3610000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003610000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3610000
|
| Size: |
4096
|
|
|
2DB0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2422072030.0000000002DB0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2DB0000
|
| Size: |
65536
|
|
|
125A000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2419510014.000000000125A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
125A000
|
| Size: |
16384
|
|
|
1590000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523558002.0000000001590000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1590000
|
| Size: |
65536
|
|
|
34D2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.00000000034D2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
34D2000
|
| Size: |
8192
|
|
|
64A0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1301216678.00000000064A0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
64A0000
|
| Size: |
65536
|
|
|
4208000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2427525890.0000000004208000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4208000
|
| Size: |
20480
|
|
|
394F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000394F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
394F000
|
| Size: |
45056
|
|
|
3802000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003802000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3802000
|
| Size: |
4096
|
|
|
32CC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000032CC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32CC000
|
| Size: |
94208
|
|
|
3092000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003092000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3092000
|
| Size: |
4096
|
|
|
379D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000379D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
379D000
|
| Size: |
4096
|
|
|
3488000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003488000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3488000
|
| Size: |
4096
|
|
|
308C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.000000000308C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
308C000
|
| Size: |
4096
|
|
|
1190000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2419240542.0000000001190000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
1190000
|
| Size: |
36864
|
|
|
3475000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003475000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3475000
|
| Size: |
4096
|
|
|
3901000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003901000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3901000
|
| Size: |
36864
|
|
|
31AD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000031AD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31AD000
|
| Size: |
4096
|
|
|
39B8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000039B8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39B8000
|
| Size: |
118784
|
|
|
39EB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000039EB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39EB000
|
| Size: |
12288
|
|
|
3945000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003945000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3945000
|
| Size: |
4096
|
|
|
58D0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1299369428.00000000058D0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
58D0000
|
| Size: |
4096
|
|
|
5AC0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2430351877.0000000005AC0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5AC0000
|
| Size: |
65536
|
|
|
3838000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003838000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3838000
|
| Size: |
4096
|
|
|
6250000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1537941943.0000000006250000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6250000
|
| Size: |
245760
|
|
|
33BB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000033BB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
33BB000
|
| Size: |
57344
|
|
|
58BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1299297367.00000000058BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
58BE000
|
| Size: |
8192
|
|
|
31AA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000031AA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31AA000
|
| Size: |
4096
|
|
|
434D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2426906098.000000000434D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
434D000
|
| Size: |
8192
|
|
|
4149000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2427525890.0000000004149000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4149000
|
| Size: |
8192
|
|
|
1EBA1365000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000003.1411735717.000001EBA1365000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1EBA1365000
|
| Size: |
192512
|
|
|
30E9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.00000000030E9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30E9000
|
| Size: |
12288
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
6BEE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2431980146.0000000006BEE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6BEE000
|
| Size: |
8192
|
|
|
4117000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2427525890.0000000004117000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4117000
|
| Size: |
20480
|
|
|
367C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000367C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
367C000
|
| Size: |
4096
|
|
|
60753FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1412067406.00000060753FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
60753FE000
|
| Size: |
8192
|
|
|
65E0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1302235370.00000000065E0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
65E0000
|
| Size: |
65536
|
|
|
3898000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003898000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3898000
|
| Size: |
4096
|
|
|
1265000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2419510014.0000000001265000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1265000
|
| Size: |
4096
|
|
|
3984000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003984000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3984000
|
| Size: |
40960
|
|
|
3394000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003394000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3394000
|
| Size: |
4096
|
|
|
121D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1521532110.000000000121D000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
121D000
|
| Size: |
4096
|
|
|
3422000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003422000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3422000
|
| Size: |
4096
|
|
|
4267000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2427525890.0000000004267000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4267000
|
| Size: |
12288
|
|
|
3FF0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2427525890.0000000003FF0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3FF0000
|
| Size: |
4096
|
|
|
35D8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000035D8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
35D8000
|
| Size: |
4096
|
|
|
41CF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2427525890.00000000041CF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
41CF000
|
| Size: |
12288
|
|
|
38DB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000038DB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38DB000
|
| Size: |
4096
|
|
|
3A5E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003A5E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A5E000
|
| Size: |
4096
|
|
|
18F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2421773035.00000000018F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
18F0000
|
| Size: |
4096
|
|
|
376D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000376D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
376D000
|
| Size: |
4096
|
|
|
3590000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003590000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3590000
|
| Size: |
4096
|
|
|
3478000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003478000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3478000
|
| Size: |
45056
|
|
|
33D2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000033D2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
33D2000
|
| Size: |
4096
|
|
|
33EC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000033EC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
33EC000
|
| Size: |
4096
|
|
|
1EBA134E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000003.1411664918.000001EBA134E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1EBA134E000
|
| Size: |
12288
|
|
|
304D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000304D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
304D000
|
| Size: |
4096
|
|
|
6525000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2430877200.0000000006525000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6525000
|
| Size: |
24576
|
|
|
341E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000341E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
341E000
|
| Size: |
12288
|
|
|
34D8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000034D8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
34D8000
|
| Size: |
4096
|
|
|
1268000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2419510014.0000000001268000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1268000
|
| Size: |
475136
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
34DA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000034DA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
34DA000
|
| Size: |
4096
|
|
|
2F10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2422379693.0000000002F10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F10000
|
| Size: |
32768
|
|
|
61A0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1537861663.00000000061A0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
61A0000
|
| Size: |
65536
|
|
|
3691000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003691000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3691000
|
| Size: |
4096
|
|
|
5FF0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1536862098.0000000005FF0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5FF0000
|
| Size: |
45056
|
|
|
3808000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003808000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3808000
|
| Size: |
4096
|
|
|
69E4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1303798334.00000000069E4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
69E4000
|
| Size: |
4096
|
|
|
3068000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.0000000003068000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3068000
|
| Size: |
4096
|
|
|
14CA000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2421246098.00000000014CA000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
14CA000
|
| Size: |
8192
|
|
|
14F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2421522184.00000000014F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
14F0000
|
| Size: |
4096
|
|
|
5516000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2429512110.0000000005516000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5516000
|
| Size: |
8192
|
|
|
330E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290448087.000000000330E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
330E000
|
| Size: |
8192
|
|
|
36A6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000036A6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36A6000
|
| Size: |
20480
|
|
|
339A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.000000000339A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
339A000
|
| Size: |
12288
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
65B0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1301934475.00000000065B0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
65B0000
|
| Size: |
65536
|
|
|
35DA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000035DA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
35DA000
|
| Size: |
4096
|
|
|
1EBA1365000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1412351625.000001EBA1365000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1EBA1365000
|
| Size: |
192512
|
|
|
312A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000312A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
312A000
|
| Size: |
4096
|
|
|
19A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422424246.00000000019A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
19A0000
|
| Size: |
4096
|
|
|
33D4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000033D4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
33D4000
|
| Size: |
86016
|
|
|
36FE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000036FE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36FE000
|
| Size: |
4096
|
|
|
1EBA134D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1412331423.000001EBA134D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1EBA134D000
|
| Size: |
4096
|
|
|
2E9C000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523661757.0000000002E9C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2E9C000
|
| Size: |
16384
|
|
|
32A9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000032A9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32A9000
|
| Size: |
12288
|
|
|
3917000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003917000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3917000
|
| Size: |
4096
|
|
|
1EBA1240000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1412191102.000001EBA1240000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1EBA1240000
|
| Size: |
4096
|
|
|
337D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000337D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
337D000
|
| Size: |
4096
|
|
|
554E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1535594096.000000000554E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
554E000
|
| Size: |
8192
|
|
|
365F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000365F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
365F000
|
| Size: |
4096
|
|
|
3A32000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003A32000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A32000
|
| Size: |
53248
|
|
|
306A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000306A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
306A000
|
| Size: |
4096
|
|
|
1920000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.2422009747.0000000001920000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
1920000
|
| Size: |
4096
|
|
|
1EBA1336000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000003.1411683596.000001EBA1336000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1EBA1336000
|
| Size: |
98304
|
|
|
587E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1299275310.000000000587E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
587E000
|
| Size: |
8192
|
|
|
3377000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003377000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3377000
|
| Size: |
4096
|
|
|
10D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1521335641.00000000010D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10D0000
|
| Size: |
16384
|
|
|
315B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000315B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
315B000
|
| Size: |
57344
|
|
|
38CE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000038CE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38CE000
|
| Size: |
40960
|
|
|
3596000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003596000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3596000
|
| Size: |
4096
|
|
|
345B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.000000000345B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
345B000
|
| Size: |
364544
|
|
|
64F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1538492810.00000000064F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
64F0000
|
| Size: |
299008
|
|
|
3980000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003980000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3980000
|
| Size: |
4096
|
|
|
16DE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1289695539.00000000016DE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16DE000
|
| Size: |
155648
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
|
|
3333000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003333000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3333000
|
| Size: |
4096
|
|
|
64F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2430668194.00000000064F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
64F0000
|
| Size: |
4096
|
|
|
662E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2431509358.000000000662E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
662E000
|
| Size: |
8192
|
|
|
36E7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000036E7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36E7000
|
| Size: |
4096
|
|
|
551A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2429512110.000000000551A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
551A000
|
| Size: |
24576
|
|
|
31BF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000031BF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31BF000
|
| Size: |
4096
|
|
|
166E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1289629779.000000000166E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
166E000
|
| Size: |
8192
|
|
|
3730000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003730000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3730000
|
| Size: |
4096
|
|
|
1EBA135B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000003.1411735717.000001EBA135B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1EBA135B000
|
| Size: |
28672
|
|
|
3894000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003894000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3894000
|
| Size: |
4096
|
|
|
44E3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2426906098.00000000044E3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
44E3000
|
| Size: |
12288
|
|
|
127A000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2417502228.000000000127A000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
127A000
|
| Size: |
24576
|
|
|
318D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000318D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
318D000
|
| Size: |
4096
|
|
|
3832000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003832000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3832000
|
| Size: |
4096
|
|
|
1560000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2419277871.0000000001560000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1560000
|
| Size: |
4096
|
|
|
3FEA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2427525890.0000000003FEA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3FEA000
|
| Size: |
4096
|
|
|
30F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000030F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30F0000
|
| Size: |
4096
|
|
|
373A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000373A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
373A000
|
| Size: |
4096
|
|
|
3246000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003246000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3246000
|
| Size: |
4096
|
|
|
589B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2428961098.000000000589B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
589B000
|
| Size: |
8192
|
|
|
5533000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2429789038.0000000005533000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5533000
|
| Size: |
8192
|
|
|
3157000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003157000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3157000
|
| Size: |
4096
|
|
|
5F2E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1299859149.0000000005F2E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5F2E000
|
| Size: |
8192
|
|
|
3834000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003834000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3834000
|
| Size: |
4096
|
|
|
3672000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003672000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3672000
|
| Size: |
12288
|
|
|
46E4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1297862990.00000000046E4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
46E4000
|
| Size: |
356352
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
33EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290517943.00000000033EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
33EE000
|
| Size: |
8192
|
|
|
3F63000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1534510906.0000000003F63000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3F63000
|
| Size: |
90112
|
|
|
36DF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000036DF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36DF000
|
| Size: |
4096
|
|
|
3A42000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003A42000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A42000
|
| Size: |
4096
|
|
|
3118000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.0000000003118000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3118000
|
| Size: |
12288
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
3172000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003172000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3172000
|
| Size: |
4096
|
|
|
3761000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003761000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3761000
|
| Size: |
4096
|
|
|
387D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000387D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
387D000
|
| Size: |
4096
|
|
|
3FEE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2427525890.0000000003FEE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3FEE000
|
| Size: |
4096
|
|
|
32A5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000032A5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32A5000
|
| Size: |
12288
|
|
|
3265000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003265000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3265000
|
| Size: |
53248
|
|
|
6B6E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2431888451.0000000006B6E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6B6E000
|
| Size: |
8192
|
|
|
3947000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003947000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3947000
|
| Size: |
16384
|
|
|
37A3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000037A3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37A3000
|
| Size: |
32768
|
|
|
327B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000327B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
327B000
|
| Size: |
4096
|
|
|
377C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000377C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
377C000
|
| Size: |
4096
|
|
|
3103000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003103000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3103000
|
| Size: |
12288
|
|
|
3083000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003083000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3083000
|
| Size: |
4096
|
|
|
304F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000304F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
304F000
|
| Size: |
4096
|
|
|
5886000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1535689180.0000000005886000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5886000
|
| Size: |
40960
|
|
|
2FE9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.0000000002FE9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FE9000
|
| Size: |
12288
|
|
|
332B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000332B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
332B000
|
| Size: |
4096
|
|
|
36EB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000036EB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36EB000
|
| Size: |
4096
|
|
|
3871000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003871000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3871000
|
| Size: |
4096
|
|
|
3111000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003111000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3111000
|
| Size: |
4096
|
|
|
15D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1289420807.00000000015D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
15D0000
|
| Size: |
12288
|
|
|
1530000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2419186067.0000000001530000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1530000
|
| Size: |
16384
|
|
|
3473000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003473000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3473000
|
| Size: |
4096
|
|
|
321F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000321F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
321F000
|
| Size: |
4096
|
|
|
675E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2431776838.000000000675E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
675E000
|
| Size: |
8192
|
|
|
35DE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000035DE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
35DE000
|
| Size: |
4096
|
|
|
60DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1299916585.00000000060DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
60DE000
|
| Size: |
8192
|
|
|
435000
|
remote allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.2416350744.0000000000435000.00000040.00000400.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
remote allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
435000
|
| Size: |
4096
|
|
|
3445000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003445000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3445000
|
| Size: |
4096
|
|
|
436000
|
remote allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2416368025.0000000000436000.00000040.00000400.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
remote allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
436000
|
| Size: |
8192
|
|
|
34A7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000034A7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
34A7000
|
| Size: |
4096
|
|
|
5530000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2429789038.0000000005530000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5530000
|
| Size: |
4096
|
|
|
1760000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2421286710.0000000001760000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1760000
|
| Size: |
8192
|
|
|
30A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000030A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30A0000
|
| Size: |
4096
|
|
|
33A1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000033A1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
33A1000
|
| Size: |
36864
|
|
|
32B7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000032B7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32B7000
|
| Size: |
49152
|
|
|
3A0A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003A0A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A0A000
|
| Size: |
4096
|
|
|
3819000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003819000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3819000
|
| Size: |
4096
|
|
|
37EB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000037EB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37EB000
|
| Size: |
4096
|
|
|
34C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000034C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
34C0000
|
| Size: |
4096
|
|
|
3029000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2423370342.0000000003029000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3029000
|
| Size: |
4096
|
|
|
1470000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2420597091.0000000001470000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1470000
|
| Size: |
4096
|
|
|
6DD0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2432780551.0000000006DD0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6DD0000
|
| Size: |
65536
|
|
|
3296000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003296000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3296000
|
| Size: |
12288
|
|
|
40EB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2427525890.00000000040EB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
40EB000
|
| Size: |
4096
|
|
|
3663000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003663000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3663000
|
| Size: |
4096
|
|
|
340D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000340D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
340D000
|
| Size: |
4096
|
|
|
352B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000352B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
352B000
|
| Size: |
4096
|
|
|
6140000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1537672734.0000000006140000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
6140000
|
| Size: |
65536
|
|
|
3132000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003132000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3132000
|
| Size: |
8192
|
|
|
11F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2419422464.00000000011F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11F0000
|
| Size: |
8192
|
|
|
381F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000381F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
381F000
|
| Size: |
4096
|
|
|
3317000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.0000000003317000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3317000
|
| Size: |
4096
|
|
|
34C2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000034C2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
34C2000
|
| Size: |
4096
|
|
|
3577000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003577000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3577000
|
| Size: |
4096
|
|
|
5883000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2428861633.0000000005883000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5883000
|
| Size: |
8192
|
|
|
365D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.000000000365D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
365D000
|
| Size: |
4096
|
|
|
34E6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.00000000034E6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
34E6000
|
| Size: |
8192
|
|
|
58BD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2428961098.00000000058BD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
58BD000
|
| Size: |
36864
|
|
|
650F000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2430877200.000000000650F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
650F000
|
| Size: |
40960
|
|
|
661E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2431687703.000000000661E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
661E000
|
| Size: |
8192
|
|
|
337B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000337B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
337B000
|
| Size: |
4096
|
|
|
14E7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2418311271.00000000014E7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
14E7000
|
| Size: |
36864
|
|
|
3769000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003769000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3769000
|
| Size: |
4096
|
|
|
58BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2430002497.00000000058BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
58BE000
|
| Size: |
8192
|
|
|
3386000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003386000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3386000
|
| Size: |
53248
|
|
|
3107000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003107000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3107000
|
| Size: |
4096
|
|
|
330F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422846155.000000000330F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
330F000
|
| Size: |
4096
|
|
|
5A3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2430147802.0000000005A3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5A3E000
|
| Size: |
8192
|
|
|
3441000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003441000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3441000
|
| Size: |
4096
|
|
|
402A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2427525890.000000000402A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
402A000
|
| Size: |
8192
|
|
|
346F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000346F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
346F000
|
| Size: |
4096
|
|
|
36D1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000036D1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36D1000
|
| Size: |
4096
|
|
|
41DA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2427525890.00000000041DA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
41DA000
|
| Size: |
4096
|
|
|
37B4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000037B4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37B4000
|
| Size: |
4096
|
|
|
1EBA1351000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000003.1411574831.000001EBA1351000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1EBA1351000
|
| Size: |
69632
|
|
|
36B8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.00000000036B8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36B8000
|
| Size: |
94208
|
|
|
5C6C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1299493458.0000000005C6C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5C6C000
|
| Size: |
16384
|
|
|
32AD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000032AD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
32AD000
|
| Size: |
4096
|
|
|
30A2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.00000000030A2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30A2000
|
| Size: |
4096
|
|
|
3216000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003216000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3216000
|
| Size: |
4096
|
|
|
3606000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003606000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3606000
|
| Size: |
4096
|
|
|
1EBA1220000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1412167907.000001EBA1220000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1EBA1220000
|
| Size: |
8192
|
|
|
5AD0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2430486243.0000000005AD0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5AD0000
|
| Size: |
65536
|
|
|
19B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2422688168.00000000019B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
19B0000
|
| Size: |
16384
|
|
|
306E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.000000000306E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
306E000
|
| Size: |
8192
|
|
|
3879000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1290556972.0000000003879000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3879000
|
| Size: |
4096
|
|
|
3089000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1523800985.0000000003089000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3089000
|
| Size: |
4096
|
|
